Only an Electron Away from Code Execution
Offered By: NorthSec via YouTube
Course Description
Overview
Explore the security implications of the Electron framework in desktop application development through this informative conference talk. Delve into how web developers transitioning to desktop environments often bring common web vulnerabilities, particularly XSS, into a context where they can have far more severe consequences. Examine the unique security challenges posed by Electron applications, including their expanded attack surface and potential for code execution from XSS vulnerabilities. Gain insights into the speaker's research, which has led to multiple CVE discoveries, and learn about possible attack vectors that developers may be unaware of. Witness live demonstrations of vulnerable Electron applications, showcasing how XSS can lead to full code execution in these non-sandboxed environments.
Syllabus
Silvia Väli - Only an Electron away from code execution
Taught by
NorthSec
Related Courses
Bug Bounty In HindiYouTube CVE Series: Confluence RCE (CVE-2022-26134)
Cybrary Achieving Linux Kernel Code Execution Through a Malicious USB Device
Black Hat via YouTube Towards Discovering Remote Code Execution Vulnerabilities in Apple FaceTime
Black Hat via YouTube Browser Hacking With ANGLE
Hack In The Box Security Conference via YouTube