A prototype of Shared-keywords aware Taint Checking, a novel static analysis approach that tracks the data flow of the user input between front-end and back-end to precisely detect security vulnerabilities.
Hi,
Thanks to SaTC for providing a way to find vulnerabilities in firmware.
As a newcomer, what I want to confirm is the content of the file 'result-{bin}-{ghidra_script}-{random}.txt' in the output directory:
'total case' refers to the number of paths for taint analysis by SaTC;
'find cases' refers to the number of paths that have passed the engine inspection, which corresponds to the number of Alerts in the SaTC paper
Is my understanding correct? looking forward to your answer
Hi, Thanks to SaTC for providing a way to find vulnerabilities in firmware.
As a newcomer, what I want to confirm is the content of the file 'result-{bin}-{ghidra_script}-{random}.txt' in the output directory:
'total case' refers to the number of paths for taint analysis by SaTC; 'find cases' refers to the number of paths that have passed the engine inspection, which corresponds to the number of Alerts in the SaTC paper
Is my understanding correct? looking forward to your answer