| WOOT '11 | Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks | Keaton Mowery, Sarah Meiklejohn, Stefan Savage |
| WOOT '11 | Packets in Packets: Orson Welles' In-Band Signaling Attacks for Modern Radios | Travis Goodspeed, Sergey Bratus, Ricky Melgares, Rebecca Shapiro, Ryan Speers |
| WOOT '11 | Energy Attack on Server Systems | Zhenyu Wu, Mengjun Xie, Haining Wang |
| WOOT '11 | Putting Out a HIT: Crowdsourcing Malware Installs | Chris Kanich, Stephen Checkoway |
| WOOT '11 | All Your Droid Are Belong to Us: A Survey of Current Android Attacks | Timothy Vidas, Daniel Votipka, Nicolas Christin |
| WOOT '11 | Exploiting the Hard-Working DWARF: Trojan and Exploit Techniques with No Native Executable Code | James Oakley |
| WOOT '11 | DieHarder: Securing the Heap | Gene Novark, Emery D. Berger |
| WOOT '11 | Vulnerability Extrapolation: Assisted Discovery of Vulnerabilities Using Machine Learning | Fabian Yamaguchi, Felix "FX" Lindner, Konrad Rieck |
| WOOT '11 | Exposing iClass Key Diversification | Flavio D. Garcia, Gerhard de Koning Gans, Roel Verdult |
| WOOT '10 | Zero-sized Heap Allocations Vulnerability Analysis | Julien Vanegue |
| WOOT '10 | Recovering Windows Secrets and EFS Certificates Offline | Elie Burzstein, Jean Michel Picod |
| WOOT '10 | Crawling BitTorrent DHTs for Fun and Profit | Scott Wolchok, J. Alex Halderman |
| WOOT '10 | Practical Padding Oracle Attacks | Juliano Rizzo, Thai Duong |
| WOOT '10 | Smudge Attacks on Smartphone Touch Screens | Adam J. Aviv, Katherine Gibson, Evan Mossop, Matt Blaze, Jonathan M. Smith |
| WOOT '10 | Framing Attacks on Smart Phones and Dumb Routers: Tap-jacking and Geo-localization Attacks | Baptiste Gourdin |
| WOOT '10 | Interpreter Exploitation | Dionysus Blazakis |
| WOOT '10 | A Framework for Automated Architecture-Independent Gadget Search | Thomas Dullien, Tim Kornau, Ralf-Philipp Weinmann |
| WOOT '08 | Engineering Heap Overflow Exploits with JavaScript | Mark Daniel, Jake Honoroff, Charlie Miller |
| WOOT '08 | Experiences with Model Inference Assisted Fuzzing | Joachim Viide, Aki Helin, Marko Laakso, Pekka Pietikäinen, Mika Seppänen, Kimmo Halunen, Rauli Puuperä, Juha Röning |
| WOOT '08 | Insecure Context Switching: Inoculating Regular Expressions for Survivability | Will Drewry, Tavis Ormandy |
| WOOT '08 | There Is No Free Phish: An Analysis of "Free" and Live Phishing Kits | Marco Cova, Christopher Kruegel, Giovanni Vigna |
| WOOT '08 | Towards Systematic Evaluation of the Evadability of Bot/Botnet Detection Methods | Elizabeth Stinson, John C. Mitchell |
| WOOT '08 | Reverse Engineering Python Applications | Aaron Portnoy, Ali-Rizvi Santiago |
| WOOT '08 | Exploitable Redirects on the Web: Identification, Prevalence, and Defense | Craig A. Shue, Andrew J. Kalafut, Minaxi Gupta |
| WOOT '08 | Modeling the Trust Boundaries Created by Securable Objects | Matt Miller |
