YoVDO

WebAssembly - A New World of Native Exploits on the Browser

Offered By: Black Hat via YouTube

Tags

Black Hat Courses WebAssembly Courses Cross-Site Scripting (XSS) Courses Buffer Overflow Courses Integer Overflow Courses

Course Description

Overview

Explore WebAssembly's security implications in this 45-minute Black Hat conference talk. Gain a basic understanding of WebAssembly and examine potential security risks for developers. Delve into WebAssembly's low-level semantics, including the Javascript API, linear memory model, and function pointer tables. Learn about linear memory, function tables, Wasm in the browser, Inscript, integer overflows, buffer overflows, existing bugs, and XSS vulnerabilities. Discover preventive measures, the WebAssembly design specification, and the WebAssembly optimizer. Presented by Justin Engler and Tyler Lukasiewicz, this talk offers valuable insights for developers and security professionals working with WebAssembly in browser environments.

Syllabus

Introduction
Linear Memory
Function Tables
Wasm in the Browser
Inscript
Integer Overflows
Buffer Overflows
Existing Bugs
XSS
What can we do
WebAssembly design specification
WebAssembly optimizer


Taught by

Black Hat

Related Courses

Information Security - 5 - Secure Systems Engineering
Indian Institute of Technology Madras via Swayam A Crash Course in C
Northwestern University via YouTube Hacking the Supply Chain - The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices
Black Hat via YouTube Squashing Low-hanging Fruit in Embedded Software
Hack In The Box Security Conference via YouTube Software Security Era - Past, Present, and Future
Hack In The Box Security Conference via YouTube