Recent papers on Proof-of-Concept (PoC) exploits, covering exploit generation, empirical analysis, and downstream applications. Contributions to this repository (e.g., adding new papers) are welcome via pull requests.
2025 | 2024 | 2023 | 2022 | 2021 | 2020 | 2019 | 2018 | 2017 | 2016 and Before
PoC Analysis and Empirical Studies | PoC Generation | PoC Applications | Preprints
- NodeMedic-FINE: Automatic Detection and Exploit Synthesis for Node.js Vulnerabilities pdf
- Automated Exploit Generation for Node.js Packages pdf
- Learning from the Past: Real-World Exploit Migration for Smart Contract PoC Generation pdf
- DeepExploitor: LLM-Enhanced Automated Exploitation of DeepLink Attack in Hybrid Apps
- Pig in a Poke: Automatically Detecting and Exploiting Link Following Vulnerabilities in Windows File Operations pdf
- Towards Automatic Detection and Exploitation of Java Web Application Vulnerabilities via Concolic Execution guided by Cross-thread Object Manipulation pdf
- ChainFuzz: Exploiting Upstream Vulnerabilities in Open-Source Supply Chains pdf
- Efficient Detection of Java Deserialization Gadget Chains via Bottom-up Gadget Search and Dataflow-aided Payload Construction pdf
- SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem pdf
- Practical Data-Only Attack Generation pdf
- Exploiting Library Vulnerability via Migration Based Automating Test Generation pdf
- ODDFUZZ: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing pdf
- 1dFuzz: Reproduce 1-Day Vulnerabilities with Directed Differential Fuzzing pdf
- BAGUA: Towards Automatic and Precise Heap Layout Manipulation for General-Purpose Programs pdf
- Evocatio: Conjuring Bug Capabilities from a Single PoC pdf
- Expected Exploitability: Predicting the Development of Functional Vulnerability Exploits pdf
- SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux Kernel pdf
- Facilitating Vulnerability Assessment through PoC Migration doi
- MAZE: Towards Automated Heap Feng Shui pdf
- OCTOPOCS: Automatic Verification of Propagated Vulnerable Code Using Reformed Proofs of Concept pdf
- RAProducer: Efficiently Diagnose and Reproduce Data Race Bugs for Binaries via Trace Analysis pdf
- Toward Automated Exploit Generation for Known Vulnerabilities in Open-Source Libraries pdf
- KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities pdf
- KEPLER: Facilitating Control-Flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities pdf
- Gollum: Modular and Greybox Exploit Generation for Heap Overflows in Interpreters pdf
- SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel pdf
- Revery: From Proof-of-Concept to Exploitable pdf
- Understanding the Reproducibility of Crowd-Reported Security Vulnerabilities pdf
- NAVEX: Precise and Scalable Exploit Generation for Dynamic Web Applications pdf
- FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities pdf
- SemFuzz: Semantics-Based Automatic Generation of Proof-of-Concept Exploits pdf
- Beyond Heuristics: Learning to Classify Vulnerabilities and Predict Exploits pdf
- AEG: Automatic Exploit Generation pdf
- Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications pdf
## PoC Analysis and Empirical Studies

Empirical studies, surveys, and measurements analyzing PoC exploits, bug reports, and vulnerability characteristics.
- Understanding the Reproducibility of Crowd-Reported Security Vulnerabilities pdf
## PoC Generation

Automated techniques for generating proof-of-concept exploits using fuzzing, symbolic execution, and program analysis.
- SemFuzz: Semantics-Based Automatic Generation of Proof-of-Concept Exploits pdf
- ODDFUZZ: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing (S&P '23) pdf
- 1dFuzz: Reproduce 1-Day Vulnerabilities with Directed Differential Fuzzing (ISSTA '23) pdf
- Efficient Detection of Java Deserialization Gadget Chains via Bottom-up Gadget Search and Dataflow-aided Payload Construction (S&P '24) pdf
- Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications (S&P '08) pdf
- FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities (USENIX Security '18) pdf
- NAVEX: Precise and Scalable Exploit Generation for Dynamic Web Applications (USENIX Security '18) pdf
- MAZE: Towards Automated Heap Feng Shui (USENIX Security '21) pdf
- KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities (USENIX Security '20) pdf
- Gollum: Modular and Greybox Exploit Generation for Heap Overflows in Interpreters (CCS '19) pdf
- SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel (CCS '19) pdf
- Toward Automated Exploit Generation for Known Vulnerabilities in Open-Source Libraries (ICPC '21) pdf
- NodeMedic-FINE: Automatic Detection and Exploit Synthesis for Node.js Vulnerabilities (NDSS '25) pdf
- Automated Exploit Generation for Node.js Packages (PLDI '25) pdf
- Practical Data-Only Attack Generation (USENIX Security '24) pdf
## PoC Applications

Applications of PoC exploits in vulnerability assessment, exploit prediction, migration, and bug reproduction.
- Beyond Heuristics: Learning to Classify Vulnerabilities and Predict Exploits (SIGKDD '10) pdf
- Revery: From Proof-of-Concept to Exploitable (CCS '18) pdf
- Expected Exploitability: Predicting the Development of Functional Vulnerability Exploits (USENIX Security '22) pdf
- SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem (NDSS '24) pdf
- SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux Kernel (USENIX Security '22) pdf
- KEPLER: Facilitating Control-Flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities (USENIX Security '19) pdf
- Exploiting Library Vulnerability via Migration Based Automating Test Generation (ICSE '24) pdf
- Facilitating Vulnerability Assessment through PoC Migration (CCS '21) doi
- OCTOPOCS: Automatic Verification of Propagated Vulnerable Code Using Reformed Proofs of Concept (TDSC '21) pdf
- Evocatio: Conjuring Bug Capabilities from a Single PoC (CCS '22) pdf
- RAProducer: Efficiently Diagnose and Reproduce Data Race Bugs for Binaries via Trace Analysis (ISSTA '21) pdf
## Preprints

- PoCo: Agentic Proof-of-Concept Exploit Generation for Smart Contracts pdf
- A Systematic Study on Generating Web Vulnerability Proof-of-Concepts Using Large Language Models pdf
- Real-World Usability of Vulnerability Proof-of-Concepts: A Comprehensive Study pdf
- PoCGen: Generating Proof-of-Concept Exploits for Vulnerabilities in NPM Packages pdf
- Diffploit: Facilitating Cross-Version Exploit Migration for Open Source Library Vulnerabilities pdf
Contributions are welcome:
- Adding new papers
- Suggesting improvements
This documentation is licensed under CC BY 4.0. Individual papers retain their original copyrights.