some bugs and fix method

From this page, I decide use EN to continue my blog.

Build XposedInstaller using gradle

When use android studio and build gradle, even I have downgrade JDK to 1.8, and close android studio proxy, also have mistakes. Gradle’s information is below:

软件分析基础知识&作业

 之前翔哥给我具体讲了讲软件分析的基础知识，翔哥的链接如下所示：

[1] https://xym4ster.github.io/post/Program-Analysis-01

[2] https://xym4ster.github.io/post/Program-Analysis-02

[3] https://xym4ster.github.io/post/Program-Analysis-03

[4] https://xym4ster.github.io/post/Program-Analysis-04

[5] https://xym4ster.github.io/post/Program-Analysis-05

image-caption: 图像中文描述

数据集下载：https://tianchi.aliyun.com/dataset/145781?t=1699533627520

ODDFUZZ: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing

摘要

 可以用静态分析来定位java反序列化漏洞。ODDFUZZ使用轻量级污点分析定位候选的gadget链（避免漏报），之后使用定向灰盒测试生成poc用例来减少误报。ODDFUZZ使用结构感知种子生成方法保证用例有效性，并使用混合反馈与步进策略来指导定向模糊测试。