从参考链接整理的基于klee的开源工作：http://klee.github.io/publications/

1. KleeNet: Discovering Insidious Interaction Bugs in Wireless Sensor Networks Before Deployment
   Raimondas Sasnauskas, Olaf Landsiedel, Muhammad Hamad Alizai, Carsten Weise, Stefan Kowalewski, Klaus Wehrle
   ACM/IEEE International Conference on Information Processing in Sensor Networks (IPSN 2010)
   April 12-16, 2010, Stockholm, Sweden
   KleeNet is available here.
2. S2E: A Platform for In Vivo Multi-Path Analysis of Software Systems
   Vitaly Chipounov, Volodymyr Kuznetsov, George Candea
   International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2011)
   March 5-11, 2011, Newport Beach, CA
   S2E is available at EPFL and GitHub.
3. Parallel Symbolic Execution for Automated Real-World Software Testing
   Stefan Bucur, Vlad Ureche, Cristian Zamfir, George Candea
   ACM SIGOPS/EuroSys European Conference on Computer Systems (EuroSys 2011)
   April 10-13, 2011, Salzburg, Austria
   Cloud9 is available here.
4. GKLEE: Concolic Verification and Test Generation for GPUs
   Guodong Li, Peng Li, Geof Sawaya, Ganesh Gopalakrishnan, Indradeep Ghosh, Sreeranga P. Rajan
   ACM Symposium on Principles and Practice of Parallel Programming (PPoPP 2012)
   February 25-29, 2012, New Orleans, LA, USA
   GKLEE is available here.
5. make test-zesti: A Symbolic Execution Solution for Improving Regression Testing
   Paul Dan Marinescu, Cristian Cadar
   ACM/IEEE International Conference on Software Engineering (ICSE 2012)
   June 2-9, 2012, Zurich, Switzerland
   ZESTI is available here.
6. BugRedux: Reproducing Field Failures for In-House Debugging
   Wei Jin, Alessandro Orso
   ACM/IEEE International Conference on Software Engineering (ICSE 2012)
   June 2-9, 2012, Zurich, Switzerland
   BugRedux is available here.
7. Verifying Systems Rules Using Rule-Directed Symbolic Execution
   Heming Cui, Gang Hu, Jingyue Wu, Junfeng Yang
   International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2013)
   March 16-20, 2013, Houston, USA
   Woodpecker is available here.
8. Symbiotic: Synergy of Instrumentation, Slicing, and Symbolic Execution (Competition Contribution)
   Jiri Slaby, Jan Strejcek, Marek Trtík
   International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2013)
   March 16-24, 2013, Rome, Italy
   Symbiotic is available here.
9. Multi-solver Support in Symbolic Execution
   Hristina Palikareva, Cristian Cadar
   International Conference on Computer Aided Verification (CAV 2013)
   July 13-19, 2013, St Petersburg, Russia
   KLEE-Multisolver is available here.
10. Conflict-Driven Symbolic Execution
    Celina Gomes do Val
    Master Thesis, University of British Columbia
    March 2014, Vancouver, CA
    KITE is available here.
11. Docovery: Toward Generic Automatic Document Recovery
    Tomasz Kuchta, Cristian Cadar, Miguel Castro, Manuel Costa
    IEEE/ACM International Conference on Automated Software Engineering (ASE 2014)
    September 15-19, 2014, Vasteras, Sweden
    Docovery is available here.
12. Analyzing Protocol Implementations for Interoperability
    Luis Pedrosa, Ari Fogel, Nupur Kothari, Ramesh Govindan, Ratul Mahajan, Todd Millstein
    USENIX Symposium on Networked Systems Design and Implementation (NSDI 2015)
    May 4-6, 2015, Oakland, CA, USA
    PIC is available here.
13. Angelix: Scalable Multiline Program Patch Synthesis via Symbolic Analysis
    Sergey Mechtaev, Jooyong Yi, Abhik Roychoudhury
    ACM/IEEE International Conference on Software Engineering (ICSE 2016)
    May 14-22, 2016, Austin, Texas, USA
    Angelix is available here.
14. Shadow of a Doubt: Testing for Divergences Between Software Versions
    Hristina Palikareva, Tomasz Kuchta, Cristian Cadar
    ACM/IEEE International Conference on Software Engineering (ICSE 2016)
    May 14-22, 2016, Austin, Texas, USA
    Shadow is available here.
15. BovInspector: Automatic Inspection and Repair of Buffer Overflow Vulnerabilities
    Fengjuan Gao, Lingzhang Wang, Xuandong Li
    IEEE/ACM International conference on Automated Software Engineering (ASE 2016)
    September 3-7, 2016, Singapore, Singapore
    BovInspector is available here.
16. Accelerating Array Constraints in Symbolic Execution
    David M. Perry, Andrea Mattavelli, Xiangyu Zhang, Cristian Cadar
    ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2017)
    July 10-14, 2017, Santa Barbara, CA, USA
    KLEE-Array is available here.
17. Souper: A Synthesizing Superoptimizer
    Raimondas Sasnauskas, Yang Chen, Peter Collingbourne, Jeroen Ketema, Gratian Lup, Jubi Taneja, John Regehr
    arXiv, November 13, 2017
    Souper is available here.
18. CRETE: A Versatile Binary-Level Concolic Testing Framework
    Bo Chen, Christopher Havlicek, Zhenkun Yang, Kai Cong, Raghudeep Kannavara, Fei Xie
    International Conference on Fundamental Approaches to Software Engineering (FASE 2018)
    April 14-20, 2018, Thessaloniki, Greece
    CRETE is available here.
19. Map2Check Using LLVM and KLEE
    Rafael Menezes, Herbert Rocha, Lucas Cordeiro, Raimundo Barreto
    International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2018)
    April 14-20, 2018, Thessaloniki, Greece
    Map2Check is available here.
20. Chopped Symbolic Execution
    David Trabish, Andrea Mattavelli, Noam Rinetzky, Cristian Cadar
    ACM/IEEE International Conference on Software Engineering (ICSE 2018)
    May 27 - June 3, 2018, Gothenburg, Sweden
    Chopper is available here.
21. Symbolic Liveness Analysis for Real-World Software
    Daniel Schemmel, Julian Büning, Oscar Soria Dustmann, Thomas Noll, Klaus Wehrle
    International Conference on Computer Aided Verification (CAV 2018)
    July 14-17, 2018, Oxford, UK
    The implementation is available here.
22. No Panic! Verification of Rust Programs by Symbolic Execution
    Marcus Lindner, Jorge Aparicius, Per Lindgren
    IEEE International Conference on Industrial Informatics (INDIN 2018)
    July 18-20, 2018, Porto, Protugal
    cargo-klee is available here.
23. Inception: System-Wide Security Testing of Real-World Embedded Systems Software
    Nassim Corteggiani, Giovanni Camurati, Aurélien Francillon
    USENIX Security Symposium (Security 2018)
    August 15-17, 2018, Baltimore, USA
    Inception is available here.
24. End-to-End Automated Exploit Generation for Validating the Security of Processor Designs
    Rui Zhang, Calvin Deutschbein, Peng Huang, Cynthia Sturton
    IEEE/ACM International Symposium on Microarchitecture (MICRO 2018)
    October 20-24, 2018, Fukuoka, Japan
    Coppelia is available here.
25. Zero-Overhead Path Prediction with Progressive Symbolic Execution
    Richard Rutledge, Sunjae Park, Haider Khan, Alessandro Orso, Milos Prvulovic, Alenka Zajic
    IEEE/ACM International Conference on Software Engineering (ICSE 2019)
    May 25-31, 2019, Montreal, Canada
    pg-klee is available here.
26. ApproxSymate: Path Sensitive Program Approximation using Symbolic Execution
    Himeshi De Silva, Andrew E. Santosa, Nhut-Minh Ho, Weng-Fai Wong
    ACM International Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES 2019)
    June 23, 2019, Phoenix, USA
    ApproxSymate is available here.
27. A Segmented Memory Model for Symbolic Execution
    Timotej Kapus, Cristian Cadar
    ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2019)
    August 26-30, 2019, Tallin, Estonia
    The implementation is available here.
28. KLEESPECTRE: Detecting Information Leakage through Speculative Cache Attacks via Symbolic Execution
    Guanhua Wang, Sudipta Chattopadhyay, Arnab Kumar Biswas, Tulika Mitra, Abhik Roychoudhury
    arXiv, September 2, 2019
    KLEESpectre is available here.
29. Mousse: A System for Selective Symbolic Execution of Programs with Untamed Environments
    Yingtong Liu, Hsin-Wei Hung, Ardalan Amiri Sani
    ACM SIGOPS/EuroSys European Conference on Computer Systems (EuroSys 2020)
    April 27-30, 2020, Virtual Conference, Greece
    Mousse is available here.
30. SAVIOR: Towards Bug-Driven Hybrid Testing
    Yaohui Chen, Peng Li, Jun Xu, Shengjian Guo, Rundong Zhou, Yulong Zhang, Taowei, Long Lu
    IEEE Symposium on Security and Privacy (S&P 2020)
    May 18-20, 2020, Virtual Conference, USA
    SAVIOR is available here.
31. Relocatable Addressing Model for Symbolic Execution
    David Trabish, Noam Rinetzky
    ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2020)
    July 18–22, 2020, Virtual Event, USA
    klee-ram is available here.
32. Running Symbolic Execution Forever
    Frank Busse, Martin Nowack, Cristian Cadar
    ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2020)
    July 18–22, 2020, Virtual Event, USA
    MoKlee is available here.
33. Analyzing System Software Components Using API Model Guided Symbolic Execution
    Tuba Yavuz, Ken (Yihang) Bai
    Automated Software Engineering (AUSE)
    September 19, 2020
    PROMPT is available here.
34. Pending Constraints in Symbolic Execution for Better Exploration and Seeding
    Timotej Kapus, Frank Busse, Cristian Cadar
    IEEE/ACM International Conference on Automated Software Engineering (ASE 2020)
    September 21-25, 2020, Virtual Event, AU
    The artefact is available here.
35. Making Symbolic Execution Promising by Learning Aggressive State-Pruning Strategy
    Sooyoung Cha, Hakjoo Oh
    ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2020)
    November 8-13, 2020, Virtual Event, USA
    HOMI is available here.
36. Past-Sensitive Pointer Analysis for Symbolic Execution
    David Trabish, Timotej Kapus, Noam Rinetzky, Cristian Cadar
    ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2020)
    November 8-13, 2020, Virtual Event, USA
    PSPA is available here.
37. Automatic Buffer Overflow Warning Validation
    Feng-Juan Gao, Yu Wang, Lin-Zhang Wang, Zijiang Yang, Xuan-Dong Li
    Automatic Buffer Overflow Warning Validation. Journal of Computer Science and Technology, Volume 35 (JCST 2020)
    November 20, 2020
    BovInspector is available here.
38. Address-Aware Query Caching for Symbolic Execution
    David Trabish, Shachar Itzhaky, Noam Rinetzky
    IEEE International Conference on Software Testing, Verification and Validation (ICST 2021)
    April 12-16, 2021, Virtual Event, Brazil
    The implementation is available here.
39. Concolic Program Repair
    Ridwan Salihin Shariffdeen, Yannic Noller, Lars Grunske, Abhik Roychoudhury
    ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2021)
    June 20-26, 2021, Virtual Event
    The artefact is available here.