From 35c1eb49bb610997870d808859a3798d256a2ac0 Mon Sep 17 00:00:00 2001
From: Andrey Konovalov
Date: Fri, 27 Sep 2019 18:38:48 +0200
Subject: Update README.md

---
 README.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'README.md')

diff --git a/README.md b/README.md
index eb8fe69..5e6103e 100644
--- a/README.md
+++ b/README.md
@@ -108,6 +108,8 @@ Pull requests are welcome.
 
 ### Information leak
 
+[2019: "From IP ID to Device ID and KASLR Bypass (Extended Version)"](https://arxiv.org/pdf/1906.10478.pdf) [paper]
+
 [2018: "Kernel Memory disclosure & CANVAS Part 1 - Spectre: tips & tricks"](https://www.immunityinc.com/downloads/Kernel-Memory-Disclosure-and-Canvas_Part_1.pdf) [article, Spectre]
 
 [2018: "Kernel Memory disclosure & CANVAS Part 2 - CVE-2017-18344 analysis & exploitation notes"](https://www.immunityinc.com/downloads/Kernel-Memory-Disclosure-and-Canvas_Part_2.pdf) [article, CVE-2017-18344]
@@ -129,6 +131,8 @@ Pull requests are welcome.
 
 ### LPE
 
+[2019: "From	Zero	to	Root:	Building	Universal	Android	Rooting	with	a Type	Confusion	Vulnerability" by Wang Yong](https://github.com/ThomasKing2014/slides/blob/master/Building%20universal%20Android%20rooting%20with%20a%20type%20confusion%20vulnerability.pdf) [slides, CVE-2018-9568]
+
 [2019: "Android Binder: The Bridge To Root" by Hongli Han and Mingjian Zhou](https://conference.hitb.org/hitbsecconf2019ams/materials/D2T2%20-%20Binder%20-%20The%20Bridge%20to%20Root%20-%20Hongli%20Han%20&%20Mingjian%20Zhou.pdf) [slides, CVE-2019-2025]
 
 [2019: "The ‘Waterdrop’ in Android: A Binder Kernel Vulnerability" by Hongli Han](http://blogs.360.cn/post/Binder_Kernel_Vul_EN.html) [article, CVE-2019-2025]
@@ -420,6 +424,10 @@ Pull requests are welcome.
 
 ## Vulnerability discovery
 
+[2019: "Fuzzing File Systems via Two-Dimensional Input Space Exploration"](https://taesoo.kim/pubs/2019/xu:janus.pdf) [paper]
+
+[2019: "PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary"](https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04A-1_Song_paper.pdf) [paper]
+
 [2019: "Hourglass	Fuzz:	A	Quick	Bug	Hunting	Method"](https://conference.hitb.org/hitbsecconf2019ams/materials/D1T2%20-%20Hourglass%20Fuzz%20-%20A%20Quick%20Bug%20Hunting%20Method%20-%20Moony%20Li,%20Todd%20Han,%20Lance%20Jiang%20&%20Lilang%20Wu.pdf) [slides]
 
 [2019: "Fuzzing File Systems via Two-Dimensional Input Space Exploration"](https://taesoo.kim/pubs/2019/xu:janus.pdf) [paper]
@@ -503,6 +511,8 @@ https://github.com/schumilo/vUSBf
 
 https://github.com/ucsb-seclab/difuze
 
+https://github.com/compsec-snu/razzer
+
 
 ## Exploits
 
@@ -605,8 +615,12 @@ TWCTF 2018 (ReadableKernelModule): [writeup](http://r3ka.eu/2018/09/twctf-2018-r
 
 SECT CTF 2018 (Gh0st): [writeup](http://mslc.ctf.su/wp/sect-ctf-2018-gh0st/)
 
+WCTF 2018 (cpf): [source, writeup, and exploit](https://github.com/cykorteam/cykor_belluminar_2018/tree/master/cpf)
+
 Insomni'hack teaser 2019 (1118daysober): [writeup 1](https://ctftime.org/writeup/12919), [writeup 2](https://github.com/EmpireCTF/empirectf/blob/master/writeups/2019-01-19-Insomni-Hack-Teaser/README.md#1118daysober)
 
+Security Fest 2019 (brainfuck64): [writeup](https://kileak.github.io/ctf/2019/secfest-brainfuck64/)
+
 
 ## Tools
 
@@ -678,3 +692,5 @@ https://github.com/jameshilliard/linux-grsec/
 https://github.com/a13xp0p0v/kernel-hack-drill
 
 https://github.com/vnik5287/kernel_rop
+
+https://github.com/R3x/How2Kernel
-- 
cgit v1.3