| WOOT '19 | RISC-V: #AlphanumericShellcoding | Hadrien Barral, Rémi Géraud-Stewart, Georges-Axel Jaloyan, David Naccache |
| WOOT '19 | Breaking Turtles All the Way Down: An Exploitation Chain to Break out of VMware ESXi | Hanqing Zhao, Yanyu Zhang, Kun Yang, Taesoo Kim |
| WOOT '19 | Distributed Password Hash Computation on Commodity Heterogeneous Programmable Platforms | Branimir Pervan, Josip Knezovic, Katja Pericin |
| WOOT '19 | Cross-Router Covert Channels | Adar Ovadia, Rom Ogen, Yakov Mallah, Niv Gilboa, Yossi Oren |
| WOOT '19 | MIN()imum Failure: EMFI Attacks against USB Stacks | Colin O'Flynn |
| WOOT '19 | Defeating Cisco Trust Anchor: A Case-Study of Recent Advancements in Direct FPGA Bitstream Manipulation | Jatin Kataria, Rick Housley, Joseph Pantoga, Ang Cui |
| WOOT '19 | A better zip bomb | David Fifield |
| WOOT '19 | How Sharp is SHARP ? | Dixit Kumar, Chavhan Sujeet Yashavant, Biswabandan Panda, Vishal Gupta |
| WOOT '19 | Two methods for exploiting speculative control flow hijacks | Andrea Mambretti, Alexandra Sandulescu, Matthias Neugschwandtner, Alessandro Sorniotti, Anil Kurmus |
| WOOT '19 | Vacuums in the Cloud: Analyzing Security in a Hardened IoT Ecosystem | Fabian Ullrich, Jiska Classen, Johannes Eger, Matthias Hollick |
| WOOT '19 | Who Spent My EOS? On the (In)Security of Resource Management of EOS.IO | Sangsup Lee, Daejun Kim, Dongkwan Kim, Sooel Son, Yongdae Kim |
| WOOT '19 | Taking a Look into Execute-Only Memory | Marc Schink, Johannes Obermaier |
| WOOT '19 | Alternative (ab)uses for HTTP Alternative Services | Trishita Tiwari, Ari Trachtenberg |
| WOOT '19 | Automatic Wireless Protocol Reverse Engineering | Johannes Pohl, Andreas Noack |
| WOOT '19 | Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing | Dominik Maier, Benedikt Radtke, Bastian Harren |
| WOOT '19 | D-TIME: Distributed Threadless Independent Malware Execution for Runtime Obfuscation | Jithin Pavithran, Milan Patnaik, Chester Rebeiro |
| WOOT '18 | NEMESYS: Network Message Syntax Reverse Engineering by Analysis of the Intrinsic Structure of Individual Messages | Stephan Kleber, Henning Kopp, Frank Kargl |
| WOOT '18 | Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale | Alexander Vetterl, Richard Clayton |
| WOOT '18 | Tools for Active and Passive Network Side-Channel Detection for Web Applications | Michael Lescisin, Qusay Mahmoud |
| WOOT '18 | Browser history re:visited | Michael Smith, Craig Disselkoen, Shravan Narayan, Fraser Brown, Deian Stefan |
| WOOT '18 | Universal Radio Hacker: A Suite for Analyzing and Attacking Stateful Wireless Protocols | Johannes Pohl, Andreas Noack |
| WOOT '18 | Security Analysis of eIDAS – The Cross-Country Authentication Scheme in Europe | Nils Engelbertz, Nurullah Erinola, David Herring, Juraj Somorovsky, Vladislav Mladenov, Jörg Schwenk |
| WOOT '18 | Sensorless, Permissionless Information Exfiltration with Wi-Fi Micro-Jamming | Rom Ogen, Kfir Zvi, Omer Shwartz, Yossi Oren |
| WOOT '18 | Symbolic Execution of Security Protocol Implementations: Handling Cryptographic Primitives | Mathy Vanhoef, Frank Piessens |
| WOOT '18 | Hitag 2 Hell – Brutally Optimizing Guess-and-Determine Attacks | Aram Verstegen, Roel Verdult, Wouter Bokslag |
