The goal of this talk is to provide a basic introduction to WebAssembly and examine the actual security risks that a developer may take on by using it. We will cover the low-level semantics of WebAssembly, including the Javascript API, the linear memory model, and the use of tables as function pointers.

By Justin Engler + Tyler Lukasiewicz

Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#webassembly-a-new-world-of-native-exploits-on-the-browser-10043

Posted by Charlie