莫图虚名修术业,勿以浮沙筑高台

tai_e-static-analysis-with-homework

post @ 2023-11-15

软件分析基础知识&作业

 之前翔哥给我具体讲了讲软件分析的基础知识,翔哥的链接如下所示:

[1] https://xym4ster.github.io/post/Program-Analysis-01

[2] https://xym4ster.github.io/post/Program-Analysis-02

[3] https://xym4ster.github.io/post/Program-Analysis-03

[4] https://xym4ster.github.io/post/Program-Analysis-04

[5] https://xym4ster.github.io/post/Program-Analysis-05

阅读此文

image-caption

post @ 2023-11-09

image-caption: 图像中文描述

数据集下载:https://tianchi.aliyun.com/dataset/145781?t=1699533627520

阅读此文

oddfuzz

post @ 2023-11-07

ODDFUZZ: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing

摘要

 可以用静态分析来定位java反序列化漏洞。ODDFUZZ使用轻量级污点分析定位候选的gadget链(避免漏报),之后使用定向灰盒测试生成poc用例来减少误报。ODDFUZZ使用结构感知种子生成方法保证用例有效性,并使用混合反馈与步进策略来指导定向模糊测试。

阅读此文

blog-migrate-test

post @ 2023-11-03

博客迁移日志

test

阅读此文

ACTF-2023

post @ 2023-10-29
Here's something encrypted, password is required to continue reading.
阅读此文
⬆︎TOP