2019/05/21 @ Northsec 2019
In this workshop, I will first introduce WebAssembly concepts and why it’s consider as a “game changer for the web”. Secondly, I will expose different techniques (Static/Dynamic analysis) and tools (Octopus, Wasabi, …) to perform a WebAssembly module analysis. Finally, we will hands-on with basic examples (crackmes) and go throws some real-life cryptominer and web-browsers plugins using WebAssembly module.
Along the talk, I will only used open source tools.
- Introduction
- WebAssembly Basics
- WebAssembly Runtime VM
- WebAssembly VM internals
- Module dissection
- Program analysis
- Wasabi
- Cryptominers
- Firefox addons analysis
- Conclusion
link / slides (not yet) / repository