Chainsaw - Chained Automated Workflow-based Exploit Generation

Explore a conference talk from CCS 2016 that introduces Chainsaw, an automated workflow-based exploit generation system for web applications. Learn about the challenges in identifying vulnerabilities and generating working exploits in complex web applications. Discover the Chainsaw architecture, including seed generation, workflow inference, ranking navigation sequences, and informed traversal techniques. Examine real-world applications of Chainsaw, including a detailed example of a stored-XSS exploit in Schoolmate. Compare Chainsaw's performance to related work in exploit generation and vulnerability identification. Gain insights into the complexities of automated security analysis for web applications and the potential for improving cybersecurity through advanced exploit generation techniques.

Intro
Web Applications
Web Application Example
The Problem
Challenges
Approach
Chainsaw Architecture
Seed Generation Example
Workflow Inference
Ranking Navigation Sequences
Workflow Refinement
RWFG Construction
Informed Traversal Example
Generating Working Exploits
Selected Applications
Summary of Results
Analysis Complexity
Schoolmate: Stored-XSS Exploit Example
Exploit Generation Related Work Comparison
Vulnerability Identification Comparison
Conclusion
References