个人IT学习

欢迎

HUNTER-HT

Hunter is a software research group that focuses on vulnerability detection. Our research interests cover multiple layers of software, including operating systems, firmware, binaries and web aplications. We are committed to developing tools of symbolic execution, fuzzing and binary analysis for automated detection of software vulnerabilities

最新动态

04-01 zhouxu 在IEEE Transactions on Software Engineering上发表了期刊《UltraFuzz: Towards Resource-Saving in Distributed Fuzzing》

01-01 zhouxu 在NDSS上发表了会议《MobFuzz: Adaptive Multi-objective Optimization in Grey-box Fuzzing》

11-01 zhouxu 在IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY上发表了期刊《From Release to Rebirth: Exploiting Thanos Objects in Linux Kernel》

01-01 zhouxu 在NDSS上发表了会议《VulHawk: Cross-architecture Vulnerability Detection with Entropy-based Binary Code Search》

05-07 songcongxi 写了文章《协议模糊测试相关技术梳理》

05-07 wangpengfei 写了文章《以CVE-2016-6516为例深入分析内核Double Fetch型漏洞利用方法》

05-14 wangpengfei 提交了《CVE-2016-6130》

01-06 zhanggen 提交了《CVE-2019-12379》

在研项目

PTFUZZER

Fuzzing using the Intel PT support.

QSE-HT

A symbolic execution engine using qemu

DFTINKER

Automatically detect double-fetch bugs in OS kerenels

BINARY-ANALYSIS

A set of tools for binary analysis

出版物

2024

HyperGo: Probability-based directed hybrid fuzzing
04-12
Computers & Security
期刊
Peihong Lin, Pengfei Wang ∗, Xu Zhou, Wei Xie, Kai Lu, Gen Zhang

Armor: Protecting Software Against Hardware Tracing Techniques
02-19
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
期刊
Tai Yue, Fengwei Zhang, Zhenyu Ning, Pengfei Wang, Xu Zhou , Kai Lu, Lei Zhou

DeepGo: Predictive Directed Greybox Fuzzing
01-01
NDSS
会议
Lin Peihong, Pengfei Wang, Xu Zhou, Wei Xie, Gen Zhang, Kai Lu

2023

UltraFuzz: Towards Resource-Saving in Distributed Fuzzing
04-01
IEEE Transactions on Software Engineering
期刊
Xu Zhou, Pengfei Wang, Chenyifan Liu, Tai Yue, Yingying Liu, Congxi Song, Kai Lu, Qidi Yin, and Xu Han

VulHawk: Cross-architecture Vulnerability Detection with Entropy-based Binary Code Search
01-01
NDSS
会议
Luo Zhenhao, Pengfei Wang, Baosheng Wang, Yong Tang, Wei Xie, Xu Zhou, Danjun Liu, Kai Lu

2022

From Release to Rebirth: Exploiting Thanos Objects in Linux Kernel
11-01
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
期刊
Danjun Liu, Pengfei Wang, Xu Zhou, Wei Xie, Gen Zhang, Zhenhao Luo, Tai Yue, Baosheng Wang

MobFuzz: Adaptive Multi-objective Optimization in Grey-box Fuzzing
01-01
NDSS
会议
Gen Zhang, Pengfei Wang, Tai Yue, Xiangdong Kong, Shan Huang, Xu Zhou, Kai Lu

2021

ovAFLow: Detecting Memory Corruption Bugs with Fuzzing-based Taint Inference
11-15
Journal of Computer Science and Technology
期刊
Gen Zhang, Pengfei Wang, Tai Yue, Xiangdong Kong, Xu Zhou, and Kai Lu

FirmHunter: State-Aware and Introspection-Driven Grey-Box Fuzzing towards IoT Firmware
09-25
Applied Science
期刊
Qidi Yin, Xu Zhou, Hangwei Zhang

An Efficient Feedback-enhanced Fuzzing Scheme for Linux-based IoT Firmwares
09-10
ICCT
会议
Qidi Yin, Xu Zhou, Hangwei Zhang

MEBS: Uncovering Memory Life-cycle Bugs in Operating System Kernels
08-25
Journal of Computer Science and Technology
期刊
Gen Zhang, Pengfei Wang, Tai Yue, Xu Zhou, and Kai Lu

SIoTFuzzer: Fuzzing Web Interface in IoT Firmware via Stateful Message Generation
03-25
Applied Science
期刊
Hangwei Zhang , Kai Lu, Xu Zhou, Qidi Yin, Pengfei Wang and Tai Yue

2020

EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit
04-15
the 29th USENIX Security Symposium
会议
Tai Yue, Pengfei Wang, Yong Tang, Enze Wang, Bo Yu, Kai Lu and Xu Zhou

Sabotaging the System Boundary: A Study of the Inter-boundary Vulnerability
03-09
Journal of Information Security and Applications
期刊
Pengfei Wang, Xu Zhou, Kai Lu

2019

P-fuzz: a parallel grey-box fuzzing framework
11-21
Applied Science
期刊
Congxi Song, Xu Zhou, Qidi Yin, Xinglu He,Hangwei Zhang, Kai Lu

Hybrid Way of Code Coverage Tracking in Fuzz
10-17
icsess
会议
Hanyi Nie, Xu Zhou, Junnan Zhang

LearnAFL: Greybox Fuzzing with Knowledge Enhancement
08-23
IEEE Access
期刊
Tai Yue, Yong Tang, Bo Yu, Pengfei Wang, and Enze Wang

SPFuzz: A Hierarchical Scheduling Framework For Stateful Network Protocol Fuzzing
01-25
IEEE Access
期刊
CONGXI SONG, BO YU,XU ZHOU,QIANG YANG

2018

AVPredictor: Comprehensive Prediction and Detection of Atomicity Violations
12-11
Concurrency and Computation: Practice and Experience
期刊
Pengfei Wang, Jens Krinke, Xu Zhou, Kai Lu

DFTinker: Detecting and Fixing Double-Fetch Bugs in an Automated Way
08-08
WASA2018
会议
Yingqi Luo, Pengfei Wang, Xu Zhou, and Kai Lu

PTfuzz: Guided Fuzzing With Processor Trace Feedback
07-25
IEEE-ACCESS
期刊
GEN ZHANG , XU ZHOU, YINGQI LUO , XUGANG WU, ERXUE MIN

Untrusted Hardware Causes Double-fetch Problems in the I/O Memory
03-11
Journal of Computer Science and Technology
期刊
Kai Lu, Pengfei Wang, Gen Li, Xu Zhou

2017

A Survey of the Double-Fetch Vulnerabilities
10-11
Concurrency and Computation: Practice and Experience
期刊
Pengfei Wang, Kai Lu, Gen Li, Xu Zhou

How Double-Fetch Situations turn into Double- Fetch Vulnerabilities: A Study of Double Fetches in the Linux Kernel
08-16
the 26th USENIX Security Symposium
会议
Pengfei Wang,Jens Krinke, Kai Lu and Gen Li,Steve Dodier-Lazaro

2016

DFTracker: Detecting Double-Fetch Bugs by Multi-Taints Parallel Tracking
12-11
Frontier of Computer Science
期刊
Pengfei Wang, Kai Lu, Gen Li, Xu Zhou

漏洞挖掘成果

文章随笔

2020

以CVE-2016-6516为例深入分析内核Double Fetch型漏洞利用方法
05-07
wangpengfei

2019

C会总结
11-21
songcongxi