"From Reversing to Vulnerability Research"
WebAssembly (WASM) is a new binary format currently developed and supported by all major browsers, including Firefox, Chrome, WebKit/Safari and Microsoft Edge, through the W3C. This new format has been designed to be “Efficient and fast”, “Debuggable” and “Safe”, which is why it is often called the “game changer for the web”.
WebAssembly is used everywhere (not exhaustive):
Web-browsers (Desktop & Mobile)
Cryptojacking (Coinhive, Cryptoloot)
Servers (Nodejs, React, Cloudflare workers)
Video games (Unity, UE4)
Blockchain platforms (EOS/Ethereum/Dfinity)
Linux Kernel (Cervus, Nebulet)
This course will give you all the prerequisites to understand what a WebAssembly module is and how its associated virtual machine works. At the end of these intensive 4 days, you will be able to reverse a WebAssembly module statically and dynamically, analyze its behavior, create detection rules and search for vulnerabilities & security issues. You will learn which security measures are implemented by the WebAssembly VM to validate modules and handle exceptions. Finally, you will discover how to find vulnerabilities inside WebAssembly VMs (Web-browsers, Standalone VM) using different fuzzing techniques.
Throughout this training, students will work through many hands-on exercises, allowing them to internalize the concepts and techniques taught in class.
4 or 5 DAY COURSE OUTLINE
Customization is possible for onsite trainings. Schedule an onsite training at a location of your choice today.
Introduction to WebAssembly
WebAssembly VM architecture
Writing examples in C/C++/Rust/C#
Debugging WebAssembly module
WASM binary format (header, sections)
WebAssembly Text Format (wat/wast)
WebAssembly Instruction set
Coding with WASM Text format
Reversing WebAssembly module
CFG & CallGraph reconstruction
Browser Addons reversing
Modules Instructions analytics/metrics
WASM cryptominers analysis
Pattern detection signatures (YARA)
Dynamic Binary Instrumentation
Bytecode (De)-Obfuscation techniques
Static Single Assignment & Decompilation
Real-life WASM module analysis
Hacking WebAssembly video game
Traps & Exception handling
WebAssembly module vulnerabilities
Advanced vulnerabilities (UaF, TOCTOU…)
Exploitation of a NodeJS server running a wasm module
Vulnerability detection (Static & Dynamic)
Lifting WASM bytecode
Fuzzing WebAssembly modules
Web-Browsers vulnerabilities analysis (CVEs PoC)
WebAssembly VM & Interpreter vulnerabilities
WebAssembly JS APIs generation
Fuzzing Web-Browsers (Chrome, Firefox, WebKit)
WASM module validation mechanism
Writing edge case module
WAT, WAST & WASM grammar generation
Blockchain VM targets
Fuzzing C/C++/Rust/Go WASM project
WebAssembly for Security Researcher
In-memory fuzzing everything using WebAssembly & Frida
KEY LEARNING OBJECTIVES
Basic reverse engineering skills.
Familiarity with scripting languages (Python, Bash, …).
Familiarity with C/C++ or Rust programming.
A notebook capable of running virtual machines.
Enough hard disk space to run a VM
Virtual machine (VirtualBox preferred)
Administrator / root access required.
IDA PRO helpful, but not required.
We offer the world’s first WebAssembly Security training in a 4 or 5 day format. For Rust Security training, only 2 days are required. All our onsite trainings start at just 5 participants. Customization of the training is possible, but needs to be requested as soon as possible.
Check out the complete training content we can offer.