sslab-gatech/ArcHeap

Stars
141
Rank 259,971 (Top 6 %)
Language
C
Created about 5 years ago
Updated over 3 years ago

sslab-gatech/ArcHeap

sslab-gatech

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

ArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives

ArcHeap: Automatic Techniques to Systematically Discover New Heap Exploitation Primitives

Environment

Tested on Ubuntu 16.04 64bit

Installation

$ ./setup.sh
$ ./install_dependencies.sh
$ ./build.sh

Installation using Docker

$ ./setup.sh
$ docker build -t archeap .
$ docker run -it archeap /bin/bash

How to use

Please check our artifact.

Trophies

Authors

Insu Yun ([email protected])
Dhaval Kapil ([email protected])
Taesoo Kim ([email protected])

Publications

@inproceedings{yun:archeap,
  title        = {{Automatic Techniques to Systematically Discover New Heap Exploitation Primitives}},
  author       = {Insu Yun and Dhaval Kapil and Taesoo Kim},
  booktitle    = {Proceedings of the 29th USENIX Security Symposium (Security)},
  month        = aug,
  year         = 2020,
}

Rudra

Rust Memory Safety & Undefined Behavior Detection

qsym

QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

winnie

Winnie is an end-to-end system that makes fuzzing Windows applications easy

pwn2own2020

Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities

DrK

The DrK Attack - Proof of concept

opensgx

avpass

Tool for leaking and bypassing Android malware detection system

DIE

Fuzzing JavaScript Engines with Aspect-preserving Mutation

janus

Janus: a state-of-the-art file system fuzzer on Linux

hydra

Hydra: an Extensible Fuzzing Framework for Finding Semantic Bugs in File Systems

freedom

cs3210-rustos-public

Lab assignments for Georgia Tech CS 3210 "Design of Operating Systems"

perf-fuzz

sgx-tutorial-ccs17

SGX Tutorial at CCS17: SGX Security and Privacy

mosaic

autofz

autofz: Automated Fuzzer Composition at Runtime

apollo

A toolchain for automatically detecting, reporting, and diagnosing performance bugs in DBMSs.

kernel-analyzer

fuzzification

We hinder fuzzing

apisan

APISan: Sanitizing API Usages through Semantic Cross-Checking

fxmark

FxMark: Filesystem Multicore Scalability Benchmark

libmpk

deadline

unisan

UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages

shfllock

Rudra-PoC

Trophy case for Rudra bugs.

DIE-corpus

Corpus set used by DIE

aslr-guard

Preventing code-reuse attacks by stopping code pointer leakages

sgx101-gitbook

Synced with SGX101 gitbook.

kenali-kernel

Modified Nexus 9 kernel for Kenali Project

krace

Source code release for the KRace project

hdfi

Hardware-assisted Data-flow Isolation

t-sgx

Compiler-based tool that protects Intel SGX applications against controlled-channel attacks

caver

juxta

sgx-bomb

RoboFuzz

Fuzzing framework for Robot Operating System (ROS) and ROS-based robotic systems

cst-locks

SNAP

platpal

blockchain-lab-pwneth

ucognito

branch-shadowing

The branch shadowing attack: Proof of concept

latr

Latr: Lazy Translation Coherence - ASPLOS'18

desensitization

Rudra-Artifacts

Rudra's artifact evaluation submission

fakeroot-p

vbench

VBench: Multicore Scalability Application Benchmark

lkl-hydra

Pridwen

Universally Hardening SGX Programs via Load-Time Synthesis

Sense

Code for Sense (NDSS'24)

AndroidCoverageAgent

Coverage gathering JVMTI agent for Android

kup

Prototype for seamlessly updating Linux kernel with application checkpoint-and-restart

eCS

Enlightened Critical Sections

bunshin

playcrawl

Crawler for Googleplay

ordo

ACon2

lkl

sgx101

A place to start designing application with Intel SGX in mind.

AndroidIntentFuzzer

Greybox fuzzing for Android Intent receivers