We present a new symbolic execution tool, KLEE, capable of automatically generating tests that achieve high coverage on a diverse set of complex and environmentally-intensive …
Dynamic taint analysis and forward symbolic execution are quickly becoming staple techniques in security analyses. Example applications of dynamic taint analysis and forward …
R Amadini - ACM Computing Surveys (CSUR), 2021 - dl.acm.org
String constraint solving refers to solving combinatorial problems involving constraints over string variables. String solving approaches have become popular over the past few years …
P Godefroid, A Kiezun, MY Levin - Proceedings of the 29th ACM …, 2008 - dl.acm.org
Whitebox fuzzing is a form of automatic dynamic test generation, based on symbolic execution and constraint solving, designed for security testing of large applications …
We present a technique for finding security vulnerabilities in Web applications. SQL Injection (SQLI) and cross-site scripting (XSS) attacks are widespread forms of attack in which the …
G Wassermann, D Yu, A Chander, D Dhurjati… - US Patent …, 2012 - Google Patents
(57) ABSTRACT A method and apparatus is disclosed hereinforautomated test input generation for web applications. In one embodiment, the method comprises performing a …
Many automatic testing, analysis, and verification techniques for programs can be effectively reduced to a constraint generation phase followed by a constraint-solving phase. This …
CS Păsăreanu, W Visser - International journal on software tools for …, 2009 - Springer
Symbolic execution is a well-known program analysis technique which represents program inputs with symbolic values instead of concrete, initialized, data and executes the program …
PD Marinescu, C Cadar - Proceedings of the 2013 9th Joint Meeting on …, 2013 - dl.acm.org
One of the distinguishing characteristics of software systems is that they evolve: new patches are committed to software repositories and new versions are released to users on a …