WebAssembly - A New World of Native Exploits on the Browser
Offered By: Black Hat via YouTube
Course Description
Overview
Explore WebAssembly's security implications in this 45-minute Black Hat conference talk. Gain a basic understanding of WebAssembly and examine potential security risks for developers. Delve into WebAssembly's low-level semantics, including the Javascript API, linear memory model, and function pointer tables. Learn about linear memory, function tables, Wasm in the browser, Inscript, integer overflows, buffer overflows, existing bugs, and XSS vulnerabilities. Discover preventive measures, the WebAssembly design specification, and the WebAssembly optimizer. Presented by Justin Engler and Tyler Lukasiewicz, this talk offers valuable insights for developers and security professionals working with WebAssembly in browser environments.
Syllabus
Introduction
Linear Memory
Function Tables
Wasm in the Browser
Inscript
Integer Overflows
Buffer Overflows
Existing Bugs
XSS
What can we do
WebAssembly design specification
WebAssembly optimizer
Taught by
Black Hat
Related Courses
Information Security - 5 - Secure Systems EngineeringIndian Institute of Technology Madras via Swayam A Crash Course in C
Northwestern University via YouTube Hacking the Supply Chain - The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices
Black Hat via YouTube Squashing Low-hanging Fruit in Embedded Software
Hack In The Box Security Conference via YouTube Software Security Era - Past, Present, and Future
Hack In The Box Security Conference via YouTube