From 6780f3f1394eb1b2fa47e9cdc19b2016e00c4379 Mon Sep 17 00:00:00 2001 From: Andrey Konovalov Date: Tue, 22 Oct 2019 22:29:53 +0200 Subject: Update README.md --- README.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/README.md b/README.md index a9da759..a6f5cce 100644 --- a/README.md +++ b/README.md @@ -9,6 +9,8 @@ Pull requests are welcome. ## Exploitation techniques +[2019: "Kepler: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities"](https://www.usenix.org/sites/default/files/conference/protected-files/sec19_slides_wu-wei.pdf) [slides] [[video](https://www.youtube.com/watch?v=4b_GbFs5XZI)] [[paper](https://www.usenix.org/system/files/sec19-wu-wei.pdf)] + [2019: "Leak kernel pointer by exploiting uninitialized uses in Linux kernel" by Jinbum Park](https://jinb-park.github.io/leak-kptr.html) [slides] [2018: "Linux Kernel universal heap spray" by Vitaly Nikolenko](https://cyseclabs.com/blog/linux-kernel-heap-spray) [article] @@ -133,6 +135,10 @@ Pull requests are welcome. ### LPE +[2019: "Tailoring CVE-2019-2215 to Achieve Root" by Grant Hernandez](https://hernan.de/blog/2019/10/15/tailoring-cve-2019-2215-to-achieve-root/) [article, CVE-2019-2215] + +[2019: "Android: Use-After-Free in Binder driver"](https://bugs.chromium.org/p/project-zero/issues/detail?id=1942) [announcement, CVE 2019-2215] + [2019: "From Zero to Root: Building Universal Android Rooting with a Type Confusion Vulnerability" by Wang Yong](https://github.com/ThomasKing2014/slides/blob/master/Building%20universal%20Android%20rooting%20with%20a%20type%20confusion%20vulnerability.pdf) [slides, CVE-2018-9568] [2019: "Android Binder: The Bridge To Root" by Hongli Han and Mingjian Zhou](https://conference.hitb.org/hitbsecconf2019ams/materials/D2T2%20-%20Binder%20-%20The%20Bridge%20to%20Root%20-%20Hongli%20Han%20&%20Mingjian%20Zhou.pdf) [slides, CVE-2019-2025] 
@@ -363,6 +369,10 @@ Pull requests are welcome. ## Defensive +[2019: "security things in Linux vX.X" by Kees Cook](https://outflux.net/blog/archives/2019/07/17/security-things-in-linux-v5-2/) [articles] + +[2019: "Control-Flow Integrity for the Linux kernel: A Security Evaluation" by Federico Manuel Bento](http://www.alunos.dcc.fc.up.pt/~up201407890/Thesis.pdf) [thesis] + [2019: "Kernel Self-Protection Project" by Kees Cook](https://outflux.net/slides/2019/lss/kspp.pdf) [slides] [2019: "Touch but don’t look - Running the Kernel in Execute-only memory" by Rick Edgecombe](https://linuxplumbersconf.org/event/4/contributions/283/attachments/357/588/Touch_but_dont_look__Running_the_kernel_in_execute_only_memory-presented.pdf) [slides] @@ -434,6 +444,8 @@ Pull requests are welcome. ## Vulnerability discovery +[2019: "Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers"](https://hal.inria.fr/hal-02182516/document) [paper] + [2019: "A gentle introduction to Linux Kernel fuzzing" by Marek Majkowski](https://blog.cloudflare.com/a-gentle-introduction-to-linux-kernel-fuzzing/) [article] 
@@ -453,6 +465,8 @@ Marek Majkowski](https://blog.cloudflare.com/a-gentle-introduction-to-linux-kern [2018: "RAZZER: Finding Kernel Race Bugs through Fuzzing"](https://lifeasageek.github.io/papers/jeong:razzer.pdf) [paper] +[2018: "FastSyzkaller: Improving Fuzz Efficiency for Linux Kernel Fuzzing"](https://iopscience.iop.org/article/10.1088/1742-6596/1176/2/022013/pdf) [paper] + [2018: "Writing the worlds worst Android fuzzer, and then improving it" by Brandon Falk](https://gamozolabs.github.io/fuzzing/2018/10/18/terrible_android_fuzzer.html) [article] 2018: "From Thousands of Hours to a Couple of Minutes: Towards Automating Exploit Generation for Arbitrary Types of Kernel Vulnerabilities" [[slides](http://i.blackhat.com/us-18/Thu-August-9/us-18-Wu-Towards-Automating-Exploit-Generation-For-Arbitrary-Types-of-Kernel-Vulnerabilities.pdf)] [[whitepaper](http://i.blackhat.com/us-18/Thu-August-9/us-18-Wu-Towards-Automating-Exploit-Generation-For-Arbitrary-Types-of-Kernel-Vulnerabilities-wp.pdf)] @@ -599,6 +613,10 @@ https://github.com/jollheef/lpe https://github.com/tangsilian/android-vuln +https://github.com/grant-h/qu1ckr00t + +https://github.com/kangtastic/cve-2019-2215 + ## Practice @@ -652,6 +670,12 @@ Security Fest 2019 (brainfuck64): [writeup](https://kileak.github.io/ctf/2019/se TokyoWesterns CTF 2019 (gnote): [writeup](https://rpis.ec/blog/tokyowesterns-2019-gnote/) +Balsn CTF 2019 (KrazyNote): [exploit](https://github.com/Mem2019/Mem2019.github.io/blob/master/codes/krazynote.c) + +HITCON CTF Quals 2019 (PoE): [source and exploit](https://github.com/david942j/ctf-writeups/tree/master/hitcon-quals-2019/PoE) + +r2con CTF 2019: [source, exploit and writeup](https://github.com/esanfelix/r2con2019-ctf-kernel) + ## Tools @@ -683,6 +707,12 @@ https://github.com/PaoloMonti42/salt https://github.com/jollheef/out-of-tree +https://github.com/nforest/droidimg + +https://github.com/elfmaster/kdress + +https://github.com/mephi42/ida-kallsyms/ + ### Misc -- cgit v1.3
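Review bot: the new Kepler entry in the first hunk (`## Exploitation techniques`) omits the author credit that the neighbouring entries carry (`by Jinbum Park`, `by Vitaly Nikolenko`); add the authors in the same `by ...` form so the list stays consistent and the entry can be found by name.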
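Review bot: the CVE identifier in the Project Zero Binder entry of the `### LPE` hunk is written `CVE 2019-2215` (with a space), while the Grant Hernandez entry directly above it writes `CVE-2019-2215`; use the hyphenated form so both entries match and a search for the CVE id finds them.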
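Review bot: in the `## Defensive` hunk, the title `security things in Linux vX.X` is a placeholder, but the link targets one specific post (`.../security-things-in-linux-v5-2/`) and the `[articles]` tag implies a series; either name the version in the title to match the linked post, or link to an index of the whole series so the title and the target agree.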
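Review bot: the last hunk (`## Tools`) adds `https://github.com/mephi42/ida-kallsyms/` with a trailing slash, unlike the other repository URLs added alongside it (`https://github.com/nforest/droidimg`, `https://github.com/elfmaster/kdress`) and the existing ones in the file; drop the trailing slash for consistency.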