Update README.md

author: Andrey Konovalov 2020-01-15 02:09:43 +0100
committer: GitHub 2020-01-15 02:09:43 +0100
commit: f0624614c1e73a90f7758ee48af6a21cbfa1f129 (patch)
tree: 75f76b3ce726f707ba1691fea9c935552856f95f /README.md
parent: 8c34f2f8aae04cfa83359df18b55432e086f8d18 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/README.md b/README.md
index 8c871e7..bc52404 100644
--- a/README.md
+++ b/README.md
@@ -73,6 +73,8 @@ Pull requests are welcome.
 [2016, MOSEC 2016: "Talk is cheap, show me the code" by Keen Lab](https://speakerdeck.com/retme7/talk-is-cheap-show-me-the-code) [slides]
+[2016, Black Hat: "Randomization Can't Stop BPF JIT Spray" by Elena Reshetova](https://www.blackhat.com/docs/eu-16/materials/eu-16-Reshetova-Randomization-Can't-Stop-BPF-JIT-Spray.pdf) [slides] [[video](https://www.youtube.com/watch?v=_F7iQQ1Um2M)] [[whitepaper](https://www.blackhat.com/docs/eu-16/materials/eu-16-Reshetova-Randomization-Can't-Stop-BPF-JIT-Spray-wp.pdf)]
 [2015: "Kernel Data Attack is a Realistic Security Threat"](https://www.eecis.udel.edu/~hnw/paper/kerneldata.pdf) [whitepaper]
 [2015: "From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel"](http://repository.root-me.org/Exploitation%20-%20Syst%C3%A8me/Unix/EN%20-%20From%20collision%20to%20exploitation%3A%20Unleashing%20Use-After-Free%20vulnerabilities%20in%20Linux%20Kernel.pdf) [whitepaper]
@@ -342,6 +344,8 @@ Pull requests are welcome.
 ### RCE
+[2017: "Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 2)" by Gal Beniamini](https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html) [article, CVE-2017-0569]
 [2017: "BlueBorn: The dangers of Bluetooth implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth stacks"](http://go.armis.com/hubfs/BlueBorne%20Technical%20White%20Paper.pdf?t=1505222709963) [whitepaper, CVE-2017-1000251]
 [2016: "CVE Publication: CVE 2016-8633" by Eyal Itkin](https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/) [article, CVE-2016-8633]
@@ -355,6 +359,8 @@ Pull requests are welcome.
 ### Other
+[2019: "https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html" by Hugues Anguelkov](https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html) [article, CVE-2019-9503, CVE-2019-9500]
 [2019: "CVE-2019-2000 - Android kernel binder vulnerability analysis"](https://xz.aliyun.com/t/4494) [article, CVE-2019-2000]
 [2019: "Linux: virtual address 0 is mappable via privileged write() to /proc/\*/mem"](https://bugs.chromium.org/p/project-zero/issues/detail?id=1792&desc=2) [article, CVE-2019-9213]
@@ -796,3 +802,5 @@ https://github.com/R3x/How2Kernel
 https://www.twitch.tv/dayzerosec/videos?filter=all&sort=time
 https://github.com/pr0cf5/kernel-exploit-practice
+https://github.com/milabs/lkrg-bypass
author	Andrey Konovalov	2020-01-15 02:09:43 +0100
committer	GitHub	2020-01-15 02:09:43 +0100
commit	f0624614c1e73a90f7758ee48af6a21cbfa1f129 (patch)
tree	75f76b3ce726f707ba1691fea9c935552856f95f /README.md
parent	8c34f2f8aae04cfa83359df18b55432e086f8d18 (diff)