Peter Goodman

Mastodon

Hi, I'm Peter Goodman.

Articles: Heavy lifting with McSema 2.0; A walk down memory lane; McSema: I'm liftin' it; Shin GRR: Make Fuzzing Fast Again; A fuzzer and a symbolic executor walk into a cloud; The Problem with Dynamic Program Analysis
Presentations: PowerFL: Fuzzing VxWorks Embedded Systems (video).
At the Qualcomm Product Security Summit (QPSS 2019).; DeepState: Bringing vulnerability detection tools into the development lifecycle.
At the IEEE Cybersecurity Development Conference (IEEE SecDev 2018).; Lifting program binaries with McSema.
At the 9th International Summer School on Information Security and Protection (ISSISP 2018).; CYBERDYNE: Automatic bug-finding at scale (video).
At COUNTERMEASURE 2016.; PointsTo: Static Use-After-Free Detector for C/C++ (video).
At Empire Hacking in October 2015.
Papers: The Past, Present, and Future of Cyberdyne.
In Volume 16, Issue 2 of IEEE Security & Privacy.; DeepState: Symbolic Unit Testing for C and C++.
In the 1st Workshop on Binary Analysis Research (BAR 2018).; Behave or Be Watched: Debugging with Behavioral Watchpoints.
In the 9th Workshop on Hot Topics in Dependable Systems (HotDep 2013).
Posters: Modelling machine code semantics in C++ and Lifting machine code to LLVM bitcode. At CppCon 2018.; RaceSanitizer: Sampling for Data Races. In the 2015 LLVM Developer Meetup.; Granary: Comprehensive Kernel Module Instrumentation.
In the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2012).; Protecting Kernels from Untrusted Modules using Dynamic Binary Instrumentation.
In the Seventeenth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2012).
Projects: DeepState is Google Test-like framework for transparently augmenting C/C++ unit tests with symbolic execution and fuzzing.; Remill is a library for lifting of x86, amd64, and aarch64 machine code instructions to LLVM bitcode.; McSema 2.0 is a framework for lifting x86, amd64, and aarch64 program binaries to LLVM bitcode.; GRR is a high-throughput fuzzer that emulates DECREE binaries. GRR was the backbone of Cyberdyne, the bug-finding system of Trail of Bits' cyber reasoning system, which competeded in the DARPA Cyber Grand Challenge.; Granary is a kernel space dynamic binary translation framework. The main goal of Granary is to enable flexible and efficient instrumentation of Linux kernel modules, while imposing no overhead to non-module kernel code.; Grail+ is a set of command line tools for manipulating non-deterministic finite automata (NFAs), non-deterministic pushdown automata (PDAs), and context-free grammars (CFGs). Grail+ is built on top of the Formal Language Template Library (FLTL), a library for representing and symbolically manipulating CFGs, NFAs, and PDAs.
Social: LinkedIn; GitHub