researchr
explore
Tags
Journals
Conferences
Authors
Profiles
Groups
calendar
New Conferences
Events
Deadlines
search
search
You are not signed in
Sign in
Sign up
Links
Filter by Year
OR
AND
NOT
1
2007
2009
2010
2012
2013
2014
2015
2016
2017
2018
2019
2020
2024
Filter by Tag
Filter by Author
[+]
OR
AND
NOT
1
Aanjhan Ranganathan
Alfredo Pironti
Andreas Noack
Andrew Fasano
Christian Mainka
Christian Rossow
Dawn Song
J. Alex Halderman
Jean-Pierre Seifert
Jiska Classen
Johannes Obermaier
Juraj Somorovsky
Jörg Schwenk
Mathias Payer
Matthias Hollick
Roee Hay
Sergey Bratus
Vladislav Mladenov
Yongdae Kim
Yossi Oren
Filter by Top terms
[+]
OR
AND
NOT
1
analysis
attack
attacks
august
breaking
engineering
exploiting
low
offensive
security
smartphone
systems
technologies
usa
usenix
using
vulnerabilities
web
woot
workshop
WOOT (woot)
Editions
Publications
Viewing Publication 1 - 100 from 210
2024
SoK: On the Effectiveness of Control-Flow Integrity in Practice
Lucas Becker
,
Matthias Hollick
,
Jiska Classen
.
woot 2024
:
189-209
[doi]
WhatsApp with privacy? Privacy issues with IM E2EE in the Multi-device setting
Tal A. Beery
.
woot 2024
:
11-16
[doi]
Amplifying Threats: The Role of Multi-Sender Coordination in SMS-Timing-Based Location Inference Attacks
Evangelos Bitsikas
,
Theodor Schnitzler
,
Christina Pöpper
,
Aanjhan Ranganathan
.
woot 2024
:
59-73
[doi]
Introduction to Procedural Debugging through Binary Libification
Jonathan Brossard
.
woot 2024
:
17-25
[doi]
Breaking Espressif's ESP32 V3: Program Counter Control with Computed Values using Fault Injection
Jeroen Delvaux
,
Cristofaro Mune
,
Mario Romero
,
Niek Timmers
.
woot 2024
:
229-243
[doi]
18th USENIX WOOT Conference on Offensive Technologies, WOOT 2024, Philadelphia, PA, USA, August 12-13, 2024
Adam Doupé
,
Alyssa Milburn
, editors,
USENIX Association,
2024.
[doi]
Reverse Engineering the Eufy Ecosystem: A Deep Dive into Security Vulnerabilities and Proprietary Protocols
Victor Goeman
,
Dairo de Ruck
,
Tom Cordemans
,
Jorn Lapon
,
Vincent Naessens
.
woot 2024
:
133-147
[doi]
Attacking with Something That Does Not Exist: 'Proof of Non-Existence' Can Exhaust DNS Resolver CPU
Olivia Gruza
,
Elias Heftrig
,
Oliver Jacobsen
,
Haya Schulmann
,
Niklas Vogel
,
Michael Waidner
.
woot 2024
:
45-57
[doi]
Not Quite Write: On the Effectiveness of Store-Only Bounds Checking
Adriaan Jacobs
,
Stijn Volckaert
.
woot 2024
:
171-187
[doi]
Oh No, My RAN! Breaking Into an O-RAN 5G Indoor Base Station
Leon Janzen
,
Lucas Becker
,
Colin Wiesenäcker
,
Matthias Hollick
.
woot 2024
:
101-115
[doi]
The Power of Words: Generating PowerShell Attacks from Natural Language
Pietro Liguori
,
Christian Marescalco
,
Roberto Natella
,
Vittorio Orbinato
,
Luciano Pianese
.
woot 2024
:
27-43
[doi]
Basilisk: Remote Code Execution by Laser Excitation of P-N Junctions Without Insider Assistance
Joe Loughry
,
Kasper Rasmussen
.
woot 2024
:
245-261
[doi]
Exploiting Android's Hardened Memory Allocator
Philipp Mao
,
Elias Valentin Boschung
,
Marcel Busch
,
Mathias Payer
.
woot 2024
:
211-227
[doi]
MakeShift: Security Analysis of Wireless Gear Shifting in Bicycles
Maryam Motallebighomi
,
Earlence Fernandes
,
Aanjhan Ranganathan
.
woot 2024
:
75-88
[doi]
SOK: 3D Printer Firmware Attacks on Fused Filament Fabrication
Muhammad Haris Rais
,
Muhammad Ahsan
,
Irfan Ahmed 0001
.
woot 2024
:
263-282
[doi]
Achilles Heel in Secure Boot: Breaking RSA Authentication and Bitstream Recovery from Zynq-7000 SoC
Prasanna Ravi
,
Arpan Jati
,
Shivam Bhasin
.
woot 2024
:
1-10
[doi]
RIPencapsulation: Defeating IP Encapsulation on TI MSP Devices
Prakhar Sah
,
Matthew Hicks
.
woot 2024
:
117-132
[doi]
Engineering a backdoored bitcoin wallet
Adam Scott
,
Sean Andersen
.
woot 2024
:
89-100
[doi]
SoK: Where's the "up"?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems
Xi Tan
,
Zheyuan Ma
,
Sandro Pinto 0001
,
Le Guan
,
Ning Zhang 0017
,
Jun Xu 0024
,
Zhiqiang Lin
,
Hongxin Hu
,
Ziming Zhao 0001
.
woot 2024
:
149-169
[doi]
2020
Office Document Security and Privacy
Jens Müller 0007
,
Fabian Ising
,
Christian Mainka
,
Vladislav Mladenov
,
Sebastian Schinzel
,
Jörg Schwenk
.
woot 2020
:
[doi]
Unearthing the TrustedCore: A Critical Review on Huawei's Trusted Execution Environment
Marcel Busch
,
Johannes Westphal
,
Tilo Müller
.
woot 2020
:
[doi]
Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers
Haehyun Cho
,
Jinbum Park
,
Joonwon Kang
,
Tiffany Bao
,
Ruoyu Wang 0001
,
Yan Shoshitaishvili
,
Adam Doupé
,
Gail-Joon Ahn
.
woot 2020
:
[doi]
ToothPicker: Apple Picking in the iOS Bluetooth Stack
Dennis Heinze
,
Jiska Classen
,
Matthias Hollick
.
woot 2020
:
[doi]
OS Security Is Hard: Why All the Fuzzers in the World Won't Change the Way Platform Security Is Failing Us
Alex Ionescu
.
woot 2020
:
[doi]
NFCGate: Opening the Door for NFC Security Research with a Smartphone-Based Toolkit
Steffen Klee
,
Alexandros Roussos
,
Max Maass
,
Matthias Hollick
.
woot 2020
:
[doi]
AFL++ : Combining Incremental Steps of Fuzzing Research
Dominik Maier
,
Heiko Eißfeldt
,
Andrea Fioraldi
,
Marc Heuse
.
woot 2020
:
[doi]
Hardware Security Is Hard: How Hardware Boundaries Define Platform Security
Alex Matrosov
.
woot 2020
:
[doi]
One Exploit to Rule them All? On the Security of Drop-in Replacement and Counterfeit Microcontrollers
Johannes Obermaier
,
Marc Schink
,
Kosma Moczek
.
woot 2020
:
[doi]
Automatic Generation of Compact Printable Shellcodes for x86
Dhrumil Patel
,
Aditya Basu
,
Anish Mathuria
.
woot 2020
:
[doi]
When Oblivious is Not: Attacks against OPAM
Nirjhar Roy
,
Nikhil Bansal
,
Gourav Takhar
,
Nikhil Mittal
,
Pramod Subramanyan
.
woot 2020
:
[doi]
When Is a Proof Actually Not?
Vanessa Teague
.
woot 2020
:
[doi]
Firmware Insider: Bluetooth Randomness is Mostly Random
Jörn Tillmanns
,
Jiska Classen
,
Felix Rohrbach
,
Matthias Hollick
.
woot 2020
:
[doi]
Bankrupt Covert Channel: Turning Network Predictability into Vulnerability
Dmitrii Ustiugov
,
Plamen Petrov 0003
,
M. R. Siavash Katebzadeh
,
Boris Grot
.
woot 2020
:
[doi]
BLESA: Spoofing Attacks against Reconnections in Bluetooth Low Energy
Jianliang Wu
,
Yuhong Nan
,
Vireshwar Kumar
,
Dave (Jing) Tian
,
Antonio Bianchi
,
Mathias Payer
,
Dongyan Xu
.
woot 2020
:
[doi]
14th USENIX Workshop on Offensive Technologies, WOOT 2020, August 11, 2020
Yuval Yarom
,
Sarah Zennou
, editors,
USENIX Association,
2020.
[doi]
2019
RISC-V: #AlphanumericShellcoding
Hadrien Barral
,
Rémi Géraud-Stewart
,
Georges-Axel Jaloyan
,
David Naccache
.
woot 2019
:
[doi]
A better zip bomb
David Fifield
.
woot 2019
:
[doi]
13th USENIX Workshop on Offensive Technologies, WOOT 2019, Santa Clara, CA, USA, August 12-13, 2019
Alex Gantman
,
Clémentine Maurice
, editors,
USENIX Association,
2019.
[doi]
Defeating Cisco Trust Anchor: A Case-Study of Recent Advancements in Direct FPGA Bitstream Manipulation
Jatin Kataria
,
Rick Housley
,
Joseph Pantoga
,
Ang Cui
.
woot 2019
:
[doi]
How Sharp is SHARP ?
Dixit Kumar
,
Chavhan Sujeet Yashavant
,
Biswabandan Panda
,
Vishal Gupta
.
woot 2019
:
[doi]
Who Spent My EOS? On the (In)Security of Resource Management of EOS.IO
Sangsup Lee
,
Daejun Kim
,
Dongkwan Kim
,
Sooel Son
,
Yongdae Kim
.
woot 2019
:
[doi]
Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing
Dominik Maier
,
Benedikt Radtke
,
Bastian Harren
.
woot 2019
:
[doi]
Two methods for exploiting speculative control flow hijacks
Andrea Mambretti
,
Alexandra Sandulescu
,
Matthias Neugschwandtner
,
Alessandro Sorniotti
,
Anil Kurmus
.
woot 2019
:
[doi]
MIN()imum Failure: EMFI Attacks against USB Stacks
Colin O'Flynn
.
woot 2019
:
[doi]
Cross-Router Covert Channels
Adar Ovadia
,
Rom Ogen
,
Yakov Mallah
,
Niv Gilboa
,
Yossi Oren
.
woot 2019
:
[doi]
D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation
Jithin Pavithran
,
Milan Patnaik
,
Chester Rebeiro
.
woot 2019
:
[doi]
Distributed Password Hash Computation on Commodity Heterogeneous Programmable Platforms
Branimir Pervan
,
Josip Knezovic
,
Katja Pericin
.
woot 2019
:
[doi]
Automatic Wireless Protocol Reverse Engineering
Johannes Pohl
,
Andreas Noack
.
woot 2019
:
[doi]
Taking a Look into Execute-Only Memory
Marc Schink
,
Johannes Obermaier
.
woot 2019
:
[doi]
Alternative (ab)uses for HTTP Alternative Services
Trishita Tiwari
,
Ari Trachtenberg
.
woot 2019
:
[doi]
Vacuums in the Cloud: Analyzing Security in a Hardened IoT Ecosystem
Fabian Ullrich
,
Jiska Classen
,
Johannes Eger
,
Matthias Hollick
.
woot 2019
:
[doi]
Breaking Turtles All the Way Down: An Exploitation Chain to Break out of VMware ESXi
Hanqing Zhao
,
Yanyu Zhang
,
Kun Yang
,
Taesoo Kim
.
woot 2019
:
[doi]
2018
Optimizing Recurrent Pulsing Attacks using Application-Layer Amplification of Open DNS Resolvers
Jonas Bushart
.
woot 2018
:
[doi]
Security Analysis of eIDAS - The Cross-Country Authentication Scheme in Europe
Nils Engelbertz
,
Nurullah Erinola
,
David Herring
,
Juraj Somorovsky
,
Vladislav Mladenov
,
Jörg Schwenk
.
woot 2018
:
[doi]
Swipe Your Fingerprints! How Biometric Authentication Simplifies Payment, Access and Identity Fraud
Julian Fietkau
,
Starbug
,
Jean-Pierre Seifert
.
woot 2018
:
[doi]
Fishy Faces: Crafting Adversarial Images to Poison Face Authentication
Giuseppe Garofalo
,
Vera Rimmer
,
Tim Van hamme
,
Davy Preuveneers
,
Wouter Joosen
.
woot 2018
:
[doi]
SoK: Make JIT-Spray Great Again
Robert Gawlik
,
Thorsten Holz
.
woot 2018
:
[doi]
NEMESYS: Network Message Syntax Reverse Engineering by Analysis of the Intrinsic Structure of Individual Messages
Stephan Kleber
,
Henning Kopp
,
Frank Kargl
.
woot 2018
:
[doi]
Spectre Returns! Speculation Attacks using the Return Stack Buffer
Esmaeil Mohammadian Koruyeh
,
Khaled N. Khasawneh
,
Chengyu Song
,
Nael B. Abu-Ghazaleh
.
woot 2018
:
[doi]
Tools for Active and Passive Network Side-Channel Detection for Web Applications
Michael Lescisin
,
Qusay H. Mahmoud
.
woot 2018
:
[doi]
You Snooze, You Lose: Measuring PLC Cycle Times under Attacks
Matthias Niedermaier
,
Jan-Ole Malchow
,
Florian Fischer
,
Daniel Marzin
,
Dominik Merli
,
Volker Roth 0002
,
Alexander von Bodisco
.
woot 2018
:
[doi]
Sensorless, Permissionless Information Exfiltration with Wi-Fi Micro-Jamming
Rom Ogen
,
Kfir Zvi
,
Omer Shwartz
,
Yossi Oren
.
woot 2018
:
[doi]
Universal Radio Hacker: A Suite for Analyzing and Attacking Stateful Wireless Protocols
Johannes Pohl
,
Andreas Noack
.
woot 2018
:
[doi]
12th USENIX Workshop on Offensive Technologies, WOOT 2018, Baltimore, MD, USA, August 13-14, 2018
Christian Rossow
,
Yves Younan
, editors,
USENIX Association,
2018.
[doi]
Browser history re: visited
Michael Smith
,
Craig Disselkoen
,
Shravan Narayan
,
Fraser Brown
,
Deian Stefan
.
woot 2018
:
[doi]
Physical Adversarial Examples for Object Detectors
Dawn Song
,
Kevin Eykholt
,
Ivan Evtimov
,
Earlence Fernandes
,
Bo Li 0044
,
Amir Rahmati
,
Florian Tramèr
,
Atul Prakash
,
Tadayoshi Kohno
.
woot 2018
:
[doi]
Symbolic Execution of Security Protocol Implementations: Handling Cryptographic Primitives
Mathy Vanhoef
,
Frank Piessens
.
woot 2018
:
[doi]
Hitag 2 Hell - Brutally Optimizing Guess-and-Determine Attacks
Aram Verstegen
,
Roel Verdult
,
Wouter Bokslag
.
woot 2018
:
[doi]
Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale
Alexander Vetterl
,
Richard Clayton
.
woot 2018
:
[doi]
A Feasibility Study of Radio-frequency Retroreflector Attack
Satohiro Wakabayashi
,
Seita Maruyama
,
Tatsuya Mori
,
Shigeki Goto
,
Masahiro Kinugawa
,
Yu-ichi Hayashi
.
woot 2018
:
[doi]
2017
Stalling Live Migrations on the Cloud
Ahmed Atya
,
Azeem Aqil
,
Karim Khalil
,
Zhiyun Qian
,
Srikanth V. Krishnamurthy
,
Thomas F. La Porta
.
woot 2017
:
[doi]
dr0wned - Cyber-Physical Attack with Additive Manufacturing
Sofia Belikovetsky
,
Mark Yampolskiy
,
Jinghui Toh
,
Jacob Gatlin
,
Yuval Elovici
.
woot 2017
:
[doi]
One Car, Two Frames: Attacks on Hitag-2 Remote Keyless Entry Systems Revisited
Ryad Benadjila
,
Mathieu Renard
,
José Lopes-Esteves
,
Chaouki Kasmi
.
woot 2017
:
[doi]
unCaptcha: A Low-Resource Defeat of reCaptcha's Audio Challenge
Kevin Bock
,
Daven Patel
,
George Hughey
,
Dave Levin
.
woot 2017
:
[doi]
Software Grand Exposure: SGX Cache Attacks Are Practical
Ferdinand Brasser
,
Urs Müller
,
Alexandra Dmitrienko
,
Kari Kostiainen
,
Srdjan Capkun
,
Ahmad-Reza Sadeghi
.
woot 2017
:
[doi]
BADFET: Defeating Modern Secure Boot Using Second-Order Pulsed Electromagnetic Fault Injection
Ang Cui
,
Rick Housley
.
woot 2017
:
[doi]
11th USENIX Workshop on Offensive Technologies, WOOT 2017, Vancouver, BC, Canada, August 14-15, 2017
William Enck
,
Collin Mulliner
, editors,
USENIX Association,
2017.
[doi]
Breaking and Fixing Gridcoin
Martin Grothe
,
Tobias Niemann
,
Juraj Somorovsky
,
Jörg Schwenk
.
woot 2017
:
[doi]
SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit
Mordechai Guri
,
Yosef A. Solewicz
,
Andrey Daidakulov
,
Yuval Elovici
.
woot 2017
:
[doi]
fastboot oem vuln: Android Bootloader Vulnerabilities in Vendor Customizations
Roee Hay
.
woot 2017
:
[doi]
Adversarial Example Defense: Ensembles of Weak Defenses are not Strong
Warren He
,
James Wei
,
Xinyun Chen
,
Nicholas Carlini
,
Dawn Song
.
woot 2017
:
[doi]
AutoCTF: Creating Diverse Pwnables via Automated Bug Injection
Patrick Hulin
,
Andy Davis
,
Rahul Sridhar
,
Andrew Fasano
,
Cody Gallagher
,
Aaron Sedlacek
,
Tim Leek
,
Brendan Dolan-Gavitt
.
woot 2017
:
[doi]
Automated PCB Reverse Engineering
Stephan Kleber
,
Henrik Ferdinand Nölscher
,
Frank Kargl
.
woot 2017
:
[doi]
From random block corruption to privilege escalation: A filesystem attack vector for rowhammer-like attacks
Anil Kurmus
,
Nikolas Ioannou
,
Nikolaos Papandreou
,
Thomas P. Parnell
.
woot 2017
:
[doi]
Shedding too much Light on a Microcontroller's Firmware Protection
Johannes Obermaier
,
Stefan Tatschner
.
woot 2017
:
[doi]
White-Stingray: Evaluating IMSI Catchers Detection Applications
Shinjo Park
,
Altaf Shaik
,
Ravishankar Borgaonkar
,
Andrew Martin
,
Jean-Pierre Seifert
.
woot 2017
:
[doi]
POTUS: Probing Off-The-Shelf USB Drivers with Symbolic Fault Injection
James Patrick-Evans
,
Lorenzo Cavallaro
,
Johannes Kinder
.
woot 2017
:
[doi]
Breaking (and Fixing) a Widely Used Continuous Glucose Monitoring System
Luca Reverberi
,
David Oswald
.
woot 2017
:
[doi]
Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing
Bhargava Shastry
,
Federico Maggi
,
Fabian Yamaguchi
,
Konrad Rieck
,
Jean-Pierre Seifert
.
woot 2017
:
[doi]
Shattered Trust: When Replacement Smartphone Components Attack
Omer Shwartz
,
Amir Cohen
,
Asaf Shabtai
,
Yossi Oren
.
woot 2017
:
[doi]
Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery
Tommi Unruh
,
Bhargava Shastry
,
Malte Skoruppa
,
Federico Maggi
,
Konrad Rieck
,
Jean-Pierre Seifert
,
Fabian Yamaguchi
.
woot 2017
:
[doi]
One Side-Channel to Bring Them All and in the Darkness Bind Them: Associating Isolated Browsing Sessions
Tom van Goethem
,
Wouter Joosen
.
woot 2017
:
[doi]
Exploitations of Uninitialized Uses on macOS Sierra
Zhenquan Xu
,
Gongshen Liu
,
Tielei Wang
,
Hao Xu
.
woot 2017
:
[doi]
2016
10th USENIX Workshop on Offensive Technologies, WOOT 16, Austin, TX, August 8-9, 2016
USENIX Association,
2016.
[doi]
A Rising Tide: Design Exploits in Industrial Control Systems
Alexander Bolshev
,
Jason Larsen
,
Marina Krotofil
,
Reid Wightman
.
woot 2016
:
[doi]
Truck Hacking: An Experimental Analysis of the SAE J1939 Standard
Yelizaveta Burakova
,
Bill Hass
,
Leif Millar
,
André Weimerskirch
.
woot 2016
:
[doi]
Acceleration Attacks on PBKDF2: Or, What Is inside the Black-Box of oclHashcat?
Andrew Ruddick
,
Jeff Yan
.
woot 2016
:
[doi]
Putting LTE Security Functions to the Test: A Framework to Evaluate Implementation Correctness
David Rupprecht
,
Kai Jansen
,
Christina Pöpper
.
woot 2016
:
[doi]
Hardware-Assisted Rootkits: Abusing Performance Counters on the ARM and x86 Architectures
Matt Spisak
.
woot 2016
:
[doi]
SoK: XML Parser Vulnerabilities
Christopher Späth
,
Christian Mainka
,
Vladislav Mladenov
,
Jörg Schwenk
.
woot 2016
:
[doi]
Sign in
or
sign up
to see more results.