YoVDO

WebAssembly - A New World of Native Exploits on the Browser

Offered By: Black Hat via YouTube

Tags

Black Hat Courses WebAssembly Courses Cross-Site Scripting (XSS) Courses Buffer Overflow Courses Integer Overflow Courses

Course Description

Overview

Explore WebAssembly's security implications in this 45-minute Black Hat conference talk. Gain a basic understanding of WebAssembly and examine potential security risks for developers. Delve into WebAssembly's low-level semantics, including the Javascript API, linear memory model, and function pointer tables. Learn about linear memory, function tables, Wasm in the browser, Inscript, integer overflows, buffer overflows, existing bugs, and XSS vulnerabilities. Discover preventive measures, the WebAssembly design specification, and the WebAssembly optimizer. Presented by Justin Engler and Tyler Lukasiewicz, this talk offers valuable insights for developers and security professionals working with WebAssembly in browser environments.

Syllabus

Introduction
Linear Memory
Function Tables
Wasm in the Browser
Inscript
Integer Overflows
Buffer Overflows
Existing Bugs
XSS
What can we do
WebAssembly design specification
WebAssembly optimizer


Taught by

Black Hat

Related Courses

Software Design Threats and Mitigations
University of Colorado System via Coursera Information Security - 5 - Secure Systems Engineering
Indian Institute of Technology Madras via Swayam Unlocking Information Security I: From Cryptography to Buffer Overflows
Tel Aviv University via edX Unlocking Information Security
Tel Aviv University via edX Buffer Overflow Exploits (Arabic) | OSCP Preparation
Udemy