Mastodon
Hi, I'm Peter Goodman.
- Articles
  - Heavy lifting with McSema 2.0
  - A walk down memory lane
  - McSema: I'm liftin' it
  - Shin GRR: Make Fuzzing Fast Again
  - A fuzzer and a symbolic executor walk into a cloud
  - The Problem with Dynamic Program Analysis
- Presentations
  - PowerFL: Fuzzing VxWorks Embedded Systems (video). At the Qualcomm Product Security Summit (QPSS 2019).
  - DeepState: Bringing vulnerability detection tools into the development lifecycle. At the IEEE Cybersecurity Development Conference (IEEE SecDev 2018).
  - Lifting program binaries with McSema. At the 9th International Summer School on Information Security and Protection (ISSISP 2018).
  - CYBERDYNE: Automatic bug-finding at scale (video). At COUNTERMEASURE 2016.
  - PointsTo: Static Use-After-Free Detector for C/C++ (video). At Empire Hacking in October 2015.
- Papers
  - The Past, Present, and Future of Cyberdyne. In Volume 16, Issue 2 of IEEE Security & Privacy.
  - DeepState: Symbolic Unit Testing for C and C++. In the 1st Workshop on Binary Analysis Research (BAR 2018).
  - Behave or Be Watched: Debugging with Behavioral Watchpoints. In the 9th Workshop on Hot Topics in Dependable Systems (HotDep 2013).
- Posters
  - Modelling machine code semantics in C++ and Lifting machine code to LLVM bitcode. At CppCon 2018.
  - RaceSanitizer: Sampling for Data Races. In the 2015 LLVM Developer Meetup.
  - Granary: Comprehensive Kernel Module Instrumentation. In the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2012).
  - Protecting Kernels from Untrusted Modules using Dynamic Binary Instrumentation. In the Seventeenth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2012).
- Projects
  - DeepState is a Google Test-like framework for transparently augmenting C/C++ unit tests with symbolic execution and fuzzing.
  - Remill is a library for lifting x86, amd64, and aarch64 machine code instructions to LLVM bitcode.
  - McSema 2.0 is a framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode.
  - GRR is a high-throughput fuzzer that emulates DECREE binaries. GRR was the backbone of Cyberdyne, the bug-finding component of Trail of Bits' cyber reasoning system, which competed in the DARPA Cyber Grand Challenge.
  - Granary is a kernel-space dynamic binary translation framework. The main goal of Granary is to enable flexible and efficient instrumentation of Linux kernel modules while imposing no overhead on non-module kernel code.
  - Grail+ is a set of command line tools for manipulating non-deterministic finite automata (NFAs), non-deterministic pushdown automata (PDAs), and context-free grammars (CFGs). Grail+ is built on top of the Formal Language Template Library (FLTL), a library for representing and symbolically manipulating CFGs, NFAs, and PDAs.
- Social
  - LinkedIn
  - GitHub