From 74f4b347d7d48d1e7e4a417c1d92486285f6b6c8 Mon Sep 17 00:00:00 2001 From: Andrey Konovalov Date: Wed, 27 Jun 2018 16:56:02 +0200 Subject: Update README.md --- README.md | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'README.md') diff --git a/README.md b/README.md index 55440d0..65ad359 100644 --- a/README.md +++ b/README.md @@ -318,6 +318,8 @@ Pull requests are welcome. [2018, Linux Conf AU: "The State of Kernel Self Protection" by Kees Cook](https://outflux.net/slides/2018/lca/kspp.pdf) [slides] +[2017, HitB: "Shadow-Box: The Practical and Omnipotent Sandbox" by Seunghun Han](http://conference.hitb.org/hitbsecconf2017ams/materials/D1T2%20-%20Seunghun%20Han%20-%20Shadow-Box%20-%20The%20Practical%20and%20Omnipotent%20Sandbox.pdf) [slides] + [2017: "Towards Linux Kernel Memory Safety"](https://arxiv.org/pdf/1710.06175.pdf) [whitepaper] [2017: "Proposal of a Method to Prevent Privilege Escalation Attacks for Linux Kernel"](https://events.linuxfoundation.org/sites/events/files/slides/nakamura_20170831_1.pdf) [slides] @@ -338,6 +340,8 @@ Pull requests are welcome. [2016: "Randomizing the Linux kernel heap freelists" by Thomas Garnier](https://medium.com/@mxatone/randomizing-the-linux-kernel-heap-freelists-b899bb99c767#.3csq8t23s) [article] +[2015: "RAP: RIP ROP"](https://pax.grsecurity.net/docs/PaXTeam-H2HC15-RAP-RIP-ROP.pdf) [slides] + [2015: "Protecting Commodity Operating Systems through Strong Kernel Isolation" by Vasileios Kemerlis](http://www.cs.columbia.edu/~angelos/Papers/theses/vpk_thesis.pdf) [whitepaper] [2014: "Kernel Self-Protection through Quantified Attack Surface Reduction" by Anil Kurmus](https://publikationsserver.tu-braunschweig.de/servlets/MCRFileNodeServlet/digibib_derivate_00036154/Diss_Kurmus_Anil.pdf) [whitepaper] 
@@ -351,7 +355,9 @@ Pull requests are welcome. [2009, Phrack: "Linux Kernel Heap Tampering Detection" by Larry Highsmith](http://phrack.org/archives/issues/66/15.txt) [article] -## Fuzzing & detectors +## Vulnerability discovery + +[2018: "Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking" by Mateusz Jurczyk](https://j00ru.vexillium.org/papers/2018/bochspwn_reloaded.pdf) [whitepaper] [2018, BlackHat: "New Compat Vulnerabilities In Linux Device Drivers"](https://www.blackhat.com/docs/asia-18/asia-18-Ding-New-Compat-Vulnerabilities-In-Linux-Device-Drivers.pdf) [slides] @@ -391,6 +397,8 @@ Pull requests are welcome. [2010: "Automatic Bug-finding Techniques for Linux Kernel" by Jiri Slaby](https://www.fi.muni.cz/~xslaby/sklad/teze.pdf) [whitepaper] +[2009, DEF CON 11: "Opensource Kernel Auditing and Exploitation" by Silvio Cesare](https://www.youtube.com/watch?v=sNh2TD6Tf9Q&feature=youtu.be) [video] + ## Fuzzers @@ -451,6 +459,8 @@ https://github.com/jiayy/android_vuln_poc-exp https://github.com/brl/grlh +https://github.com/externalist/exploit_playground + ## Practice @@ -501,6 +511,10 @@ http://www.openwall.com/lkrg/ https://github.com/IAIK/meltdown +https://github.com/nforest/droidimg + +https://github.com/a13xp0p0v/kconfig-hardened-check + ### Misc @@ -508,8 +522,6 @@ https://github.com/Fuzion24/AndroidKernelExploitationPlayground https://github.com/ReverseLab/kernel-pwn-challenge -https://github.com/NoviceLive/research-rootkit - https://github.com/djrbliss/libplayground [pwnable.kr tasks](http://pwnable.kr/play.php) (syscall, rootkit, softmmu, towelroot, kcrc, exynos) @@ -531,3 +543,5 @@ https://github.com/kmcallister/alameda https://github.com/01org/jit-spray-poc-for-ksp https://forums.grsecurity.net/viewforum.php?f=7 + +https://grsecurity.net/research.php -- cgit v1.3
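Review bot: the Shadow-Box entry in the first hunk links over plain http:// while the neighbouring entries (outflux.net, arxiv.org, events.linuxfoundation.org) use https://; check whether conference.hitb.org serves the PDF over TLS and use that URL if so, since readers of this list download and open these PDFs directly.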
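Review bot: the new RAP entry in the second hunk omits the speaker and venue that the surrounding entries carry ("... by Thomas Garnier", "... by Vasileios Kemerlis"); the slide filename itself supplies both (PaXTeam-H2HC15), so `[2015, H2HC: "RAP: RIP ROP" by PaX Team](https://pax.grsecurity.net/docs/PaXTeam-H2HC15-RAP-RIP-ROP.pdf) [slides]` would match the list's format.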
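Review bot: renaming `## Fuzzing & detectors` to `## Vulnerability discovery` in the third hunk changes the heading's generated anchor, so any in-page table-of-contents entry or external bookmark pointing at `#fuzzing--detectors` stops resolving; grep the README for the old anchor and update it, and mention the rename in the commit message, which currently reads only "Update README.md".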
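Review bot: the year on the Silvio Cesare entry in the fourth hunk is wrong: DEF CON 11 was held in 2003, not 2009, so the tag should read `[2003, DEF CON 11: "Opensource Kernel Auditing and Exploitation" by Silvio Cesare]`, and in this chronologically sorted list the entry then belongs below the 2010 Slaby thesis rather than directly under it. The `&feature=youtu.be` parameter in the YouTube URL is tracking noise and can be dropped; `https://www.youtube.com/watch?v=sNh2TD6Tf9Q` is sufficient.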
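Review bot: the removal of https://github.com/NoviceLive/research-rootkit from the Misc section is the only deletion in the patch and nothing explains it; the subject "Update README.md" does not say whether the link is dead, the project was retired, or the entry was moved to another section. Please state the reason in the commit message so the history stays useful to anyone who later wonders where it went.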