Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Chainsaw - Chained Automated Workflow-based Exploit Generation

Association for Computing Machinery (ACM) via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a conference talk from CCS 2016 that introduces Chainsaw, an automated workflow-based exploit generation system for web applications. Learn about the challenges in identifying vulnerabilities and generating working exploits in complex web applications. Discover the Chainsaw architecture, including seed generation, workflow inference, ranking navigation sequences, and informed traversal techniques. Examine real-world applications of Chainsaw, including a detailed example of a stored-XSS exploit in Schoolmate. Compare Chainsaw's performance to related work in exploit generation and vulnerability identification. Gain insights into the complexities of automated security analysis for web applications and the potential for improving cybersecurity through advanced exploit generation techniques.

Syllabus

Intro
Web Applications
Web Application Example
The Problem
Challenges
Approach
Chainsaw Architecture
Seed Generation Example
Workflow Inference
Ranking Navigation Sequences
Workflow Refinement
RWFG Construction
Informed Traversal Example
Generating Working Exploits
Selected Applications
Summary of Results
Analysis Complexity
Schoolmate: Stored-XSS Exploit Example
Exploit Generation Related Work Comparison
Vulnerability Identification Comparison
Conclusion
References

Taught by

ACM CCS

Reviews

Start your review of Chainsaw - Chained Automated Workflow-based Exploit Generation

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.