v8 javascript d8 chrome JS dharma grammar fuzzing fuzz testing domato freedom
| | |

Introduction to V8 JavaScript Engine Grammar-based Fuzzing

Introduction to V8 JavaScript Engine Grammar-based Fuzzing with Dharma In this short hands-on workshop, we will attack the V8 JavaScript Engine using grammar-based fuzzing. First, I will show how to download a version of V8 already compiled with addressSanitizer (ASAN). Then, I will introduce how to write a Dharma grammar and finally, we will use…

wasm webassembly browser emscripten solana wasm-pack wasm-bindgen near ewasm wasmer wasmtime
| |

Top 7 books to learn WebAssembly in 2022

Top 7 books to learn WebAssembly in 2022 Today, I discuss my favorite books if you are looking to learn more about WebAssembly and wasm security. Learn WebAssembly – link WebAssembly in Action – link What Is WebAssembly? – link The Art of WebAssembly – link WebAssembly: The Definitive Guide – link Programming WebAssembly with…

fuzzing firefox browser in-process fuzz testing frida hook browser books security
|

Top 4 books to learn Web Browser Security in 2022

Top 4 books to learn Web Browser Security in 2022 Today, I discuss my favorite books if you are looking to learn more about Web Browser internals and Browser security. The Tangled Web – link High-Performance Browser Networking – link / online The Browser Hacker’s Handbook – link The Google Chrome Comic – link https://youtu.be/UTLFkKnAsiA…

fuzzing chrome browser fuzz testing dom grammar based fuzzing freedom dharma firefox
| |

Fuzzing Browsers DOM using FreeDom grammar-based fuzzer

Fuzzing Browsers DOM using FreeDom grammar-based fuzzer In this video, I will first explain how to download Chrome ASAN build. Then, I’ll detail what is DOM (Document Object Model) and how it is used by web browsers. I’ll use the FreeDom grammar-based fuzzer to generate some HTML files and create a simple script to process…

dharma wasm fuzzing webassembly training security
|

Fuzzing JavaScript WebAssembly APIs using Dharma/Domato (Chrome/v8)

Fuzzing JavaScript WebAssembly APIs using Dharma/Domato (V8 engine) First of all, Happy new hacking year everyone 😉 I got asked multiple time if fuzzing WebAssembly APIs of Javascript engines is complicated, so here is a short tutorial using Dharma (but you can use Domato if you prefer). In this blogpost, I will first detailed which WebAssembly…