State of the art: Dynamic symbolic execution for automated test generation

T Chen, X Zhang, S Guo, H Li, Y Wu - Future Generation Computer Systems, 2013 - Elsevier
Dynamic symbolic execution for automated test generation consists of instrumenting and
running a program while collecting path constraint on inputs from predicates encountered in …

Klee: unassisted and automatic generation of high-coverage tests for complex systems programs.

C Cadar, D Dunbar, DR Engler - OSDI, 2008 - usenix.org
We present a new symbolic execution tool, KLEE, capable of automatically generating tests
that achieve high coverage on a diverse set of complex and environmentally-intensive …

All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask)

EJ Schwartz, T Avgerinos… - 2010 IEEE symposium on …, 2010 - ieeexplore.ieee.org
Dynamic taint analysis and forward symbolic execution are quickly becoming staple
techniques in security analyses. Example applications of dynamic taint analysis and forward …

A survey on string constraint solving

R Amadini - ACM Computing Surveys (CSUR), 2021 - dl.acm.org
String constraint solving refers to solving combinatorial problems involving constraints over
string variables. String solving approaches have become popular over the past few years …

Grammar-based whitebox fuzzing

P Godefroid, A Kiezun, MY Levin - Proceedings of the 29th ACM …, 2008 - dl.acm.org
Whitebox fuzzing is a form of automatic dynamic test generation, based on symbolic
execution and constraint solving, designed for security testing of large applications …

Automatic creation of SQL injection and cross-site scripting attacks

A Kieyzun, PJ Guo, K Jayaraman… - 2009 IEEE 31st …, 2009 - ieeexplore.ieee.org
We present a technique for finding security vulnerabilities in Web applications. SQL Injection
(SQLI) and cross-site scripting (XSS) attacks are widespread forms of attack in which the …

Automated test input generation for web applications

G Wassermann, D Yu, A Chander, D Dhurjati… - US Patent …, 2012 - Google Patents
(57) ABSTRACT A method and apparatus is disclosed herein for automated test input
generation for web applications. In one embodiment, the method comprises performing a …

HAMPI: a solver for string constraints

A Kiezun, V Ganesh, PJ Guo, P Hooimeijer… - Proceedings of the …, 2009 - dl.acm.org
Many automatic testing, analysis, and verification techniques for programs can be effectively
reduced to a constraint generation phase followed by a constraint-solving phase. This …

A survey of new trends in symbolic execution for software testing and analysis

CS Păsăreanu, W Visser - International journal on software tools for …, 2009 - Springer
Symbolic execution is a well-known program analysis technique which represents program
inputs with symbolic values instead of concrete, initialized, data and executes the program …

KATCH: High-coverage testing of software patches

PD Marinescu, C Cadar - Proceedings of the 2013 9th Joint Meeting on …, 2013 - dl.acm.org
One of the distinguishing characteristics of software systems is that they evolve: new patches
are committed to software repositories and new versions are released to users on a …