Binary symbolic execution with KLEE-Native
by Sai Vegasena, New York University, and Peter Goodman, Senior Security Engineer
KLEE is a symbolic execution tool that intelligently produces high-coverage test cases by emulating LLVM bitcode in a custom runtime environment. Yet, unlike simpler fuzzers, it’s not a go-to tool for automated bug discovery. Despite constant improvements by the academic community, KLEE remains difficult for bug hunters to adopt. We’re working to bridge this gap! My internship project focused on KLEE-Native, a fork of KLEE that operates on binary program snapshots by lifting machine code to LLVM bitcode. […]
https://github.com/trailofbits/klee
Firmware Security 