SEASON Lab

bluepill

BluePill: Neutralizing Anti-Analysis Behavior in Malware Dissection (Black Hat Europe 2019, IEEE TIFS 2020)

fuzzolic

fuzzing + concolic = fuzzolic :)

survey-symbolic-execution

A survey by the SEASON lab on symbolic execution tools and techniques. The survey has appeared in ACM CSUR in 2018.

ropdissector

A framework for static analysis of ROP exploits and programs

memsight

MemSight: Rethinking Pointer Reasoning in Symbolic Execution (ASE 2017)

sok-dbi-security

Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)"

symnav

fuzzy-sat

An approximate solver for concolic execution

SymFusion

SymFusion: Hybrid Instrumentation for Concolic Execution

sistemi-di-calcolo

Class material and examples for the "Sistemi di Calcolo" (Computer Architecture and Systems Programming) course

DroidReach

Framework for testing the reachability of native functions in Android applications.

arancino

Arancino is a dynamic protection framework that defends Intel Pin against anti-instrumentation attacks.

symqemu-hybrid

rop-collection

Collection of ROP exploits and programs from "Static Analysis of ROP Code" paper

cex

program-generator

qemu

z3

season-lab.github.io

website of the lab

al-khaser

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

angr-antievasion

Final project for the M.Sc. in Engineering in Computer Science at Università degli Studi di Roma "La Sapienza" (A.Y. 2016/2017).

conf-data

Conference program metadata.

DroidReachBenchmarks

symcc-hybrid

symfusion-qsym