Motorola smartphones are starting to get state-of-the-art kernel protections, brushing the dust off a 14-year gap in work dedicated to hypervisor-level kernel protections. Check out the draft schematics for the seccomp filter purity test!
PDF redactions are broken, even the nontrivial ones where the underlying text is removed. Large parts of the tool are now available!
Y-AFL is the architecture-independent system-mode QEMU fuzzer used in Jetset to build an exploit for the Communication Management Unit of a Boeing 737. The important discovery is that CRIU (Checkpoint/Restore In Userspace) is an excellent method for quickly creating effective snapshot fuzzers for complex software systems.
Jetset is a symbolic executor which uses QEMU's TCG IR during analysis, allowing for the incorporation of hardware semantics into program analysis routines.
G2 is a symbolic executor for Haskell, allowing for advanced bug detection and constraint solving in the context of lazy, functional languages.
Bluetana is an Android application and data analysis framework for detecting credit card skimming devices using Bluetooth. The useful Android (Java) snippets, sanitized of anything sensitive, are available here.
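As an added illustration of the kind of triage a Bluetooth scan-based skimmer detector performs (this is example code written for this page, not Bluetana's own source or its vetted signature set), the script below scores constructed scan records against a small list of indicators. The OUI prefixes, name patterns, class-of-device rule and RSSI threshold are assumptions chosen for the example; a real deployment would derive them from field data.

```python
"""Example Bluetooth skimmer triage (added illustration, not Bluetana code).

Every indicator value below is an assumption for the example, not a
validated signature list.
"""
import re
from dataclasses import dataclass

# Assumed indicators: OUI prefixes and default device names associated with
# cheap serial-over-Bluetooth modules of the kind found inside skimmers.
SUSPECT_OUIS = {"00:06:66", "98:D3:31", "20:16:04"}
SUSPECT_NAME_PATTERNS = [
    re.compile(r"^HC-0[56]$"),
    re.compile(r"^RNBT-[0-9A-F]{4}$"),
]
# Class of Device major class 0x1F ("uncategorized") is typical of a bare
# module that never had its CoD configured (assumed rule for the example).
UNCATEGORIZED_MAJOR_CLASS = 0x1F
# Assumed: an RSSI at or above this is "within a few metres", i.e. plausibly
# inside the pump the scanner is standing next to.
RSSI_NEAR_DBM = -70


@dataclass
class ScanRecord:
    mac: str
    name: str
    rssi: int
    class_of_device: int  # 24-bit Bluetooth Class of Device field
    lat: float
    lon: float


def major_device_class(cod: int) -> int:
    """Bits 12..8 of the 24-bit Class of Device field are the major class."""
    return (cod >> 8) & 0x1F


def score_record(rec: ScanRecord) -> list:
    """Return the list of indicators a single sighting matches."""
    reasons = []
    if rec.mac.upper()[:8] in SUSPECT_OUIS:
        reasons.append("oui")
    if any(p.match(rec.name) for p in SUSPECT_NAME_PATTERNS):
        reasons.append("name")
    if major_device_class(rec.class_of_device) == UNCATEGORIZED_MAJOR_CLASS:
        reasons.append("uncategorized_class")
    if rec.rssi >= RSSI_NEAR_DBM:
        reasons.append("near")
    return reasons


def triage(records, min_indicators: int = 2) -> dict:
    """Aggregate sightings per MAC and flag devices that match a hardware
    indicator (OUI or name) plus at least one more.  Proximity alone never
    flags: a phone or speaker next to the scanner is not a skimmer."""
    flagged = {}
    for rec in records:
        reasons = score_record(rec)
        strong = "oui" in reasons or "name" in reasons
        if not (strong and len(reasons) >= min_indicators):
            continue
        mac = rec.mac.upper()
        entry = flagged.setdefault(
            mac, {"name": rec.name, "reasons": set(), "best_rssi": rec.rssi,
                  "sightings": 0})
        entry["reasons"].update(reasons)
        entry["best_rssi"] = max(entry["best_rssi"], rec.rssi)
        entry["sightings"] += 1
    return flagged


# Constructed sample scan log (not real data): one module seen twice, one far
# away module, a Bluetooth speaker and a phone.
SAMPLE_SCANS = [
    ScanRecord("98:D3:31:F4:12:AB", "HC-05", -63, 0x001F00, 32.88, -117.23),
    ScanRecord("98:D3:31:F4:12:AB", "HC-05", -55, 0x001F00, 32.88, -117.23),
    ScanRecord("00:06:66:AA:BB:CC", "RNBT-1A2B", -82, 0x001F00, 32.88, -117.23),
    ScanRecord("A4:C1:38:10:20:30", "JBL Flip", -60, 0x240414, 32.88, -117.23),
    ScanRecord("F0:12:34:56:78:9A", "Galaxy S9", -40, 0x5A020C, 32.88, -117.23),
]

if __name__ == "__main__":
    for mac, info in triage(SAMPLE_SCANS).items():
        print(mac, info["name"], sorted(info["reasons"]),
              "best_rssi", info["best_rssi"], "sightings", info["sightings"])
```

The two-indicator rule with a mandatory hardware indicator is the design point worth keeping whatever signature list is used: RSSI and class of device are cheap to observe but are shared by plenty of legitimate devices, so they only raise confidence in a device that already looks like a serial module.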