WebAssembly - A New World of Native Exploits on the Browser
Offered By: Black Hat via YouTube
Course Description
Overview
Explore WebAssembly's security implications in this 45-minute Black Hat conference talk. Gain a basic understanding of WebAssembly and examine potential security risks for developers. Delve into WebAssembly's low-level semantics, including the Javascript API, linear memory model, and function pointer tables. Learn about linear memory, function tables, Wasm in the browser, Inscript, integer overflows, buffer overflows, existing bugs, and XSS vulnerabilities. Discover preventive measures, the WebAssembly design specification, and the WebAssembly optimizer. Presented by Justin Engler and Tyler Lukasiewicz, this talk offers valuable insights for developers and security professionals working with WebAssembly in browser environments.
Syllabus
Introduction
Linear Memory
Function Tables
Wasm in the Browser
Inscript
Integer Overflows
Buffer Overflows
Existing Bugs
XSS
What can we do
WebAssembly design specification
WebAssembly optimizer
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube