Introduction
SPEC CPU 2006 (document is here) is a frequently used benchmark in low-level security. Here is the benchmark list of SPEC CPU Integer Benchmarks:
In addition to the existing targets in Fuzzilli's GitHub repo, we can add extra targets and make Fuzzilli work on more JavaScript engines.
In this post, I will begin to use Fuzzilli and try it on the currently supported targets. In Section 4, I took notes on some background knowledge of Swift.
Fuzzing is a practical, widely deployed technique to find bugs in complex, real-world programs like JavaScript engines. Some researchers (Park et al., 2020) have conducted research on this topic and turned their attention to some commercial applications.
Thus, to learn how to fuzz a JS engine, I first need to turn my attention to an open-source project. My choice is Fuzzilli. In this post, I will record the experience of learning Fuzzilli and my attempt to implement this for ChakraCore (which is an open-source JSE implemented in the Edge browser).
The author proposed a new framework to solve some limitations in PrivKVM, achieving good experimental results on 4 real-world datasets.
The author proposed Limbo, a new framework for automatically discovering defense-aware code in executables, which overcomes a defect of current defense-aware attacks (their feasibility is very dependent on the behaviors of the attacked program).
The author proposed PDiff, a reliable patch presence test for downstream kernels, to solve the two main challenges (third-party customization and non-standard building configurations) in existing testing methods.
The author systematizes binary disassembly through the study of nine popular, open-source tools, and tries to answer three important questions.
Proposed a method to advance Palomba et al.'s work on extracting useful information from user reviews to maintain and evolve mobile apps.