Fuzzing Google V8 JavaScript Engine with Dharma (WebAssembly APIs) - Browser Security #1

In this course, I will first detail which WebAssembly JavaScript APIs are supported by major browsers. Then, I'll explain how to use Dharma (a Domato-like fuzzer) to generate valid JavaScript files to fuzz WebAssembly APIs. Finally, I'll show you an easy way to execute those generated test cases over an ASAN build of the Chrome/V8 engine.
#Fuzzing #Browser #Dharma
0:00 Introduction
0:33 WebAssembly support
1:52 What is Dharma and how to use it?
7:09 Why and How to download Google V8 ASAN build?
10:35 Play with d8
13:06 Honggfuzz to provide JS file to d8
Keyword: Fuzzing, Fuzz Testing, WebAssembly, Browser, V8, Chrome, JavaScript, Dharma, JS, Domato
Introduction to V8 JavaScript Engine Grammar-based Fuzzing [WORKSHOP] - Browser security #5
THE V8 GOOGLE JS ENGINE IN CHROME CONSOLE
WORKSHOP ⧸⧸ Introduction to V8 JavaScript Engine Grammar based Fuzzing ⧸⧸ Patrick Ventuzelo
Fuzzing JavaScript Engines with Aspect-preserving Mutation
Fuzzing JavaScript Engines with Aspect-Preserving Mutation
NDSS 2019 Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines
#HITB2018AMS D1T1 - Fuzzing Javascript Engines for Fun and Pwnage - Areum Lee & Jeonghoon Shin
NDSS 2023 - FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities
Advancements in JavaScript Engine Fuzzing | HITCON CMT 2023
Fuzzilli – JavaScript Engine Fuzzing Library
How to Write a Fuzz Test for JavaScript
NDSS 2021 Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Tests
Finding BUGS in TypeScript code using Fuzzing (jsfuzz) - Javascript Security #2
DUMPLING: Fine-grained Differential JavaScript Engine Fuzzing (NDSS'25)
ARITHMETIC OPS | How the JavaScript REALLY engine works | V8 engine explained | Advanced JavaScript
Javascript Engines Vulnerability Research: State of the Art (HITBxPHDays 2024)
JavaScript V8 Engine Visualization
A Journey into Fuzzing WebAssembly Virtual Machine [BHUSA 2022]
jsplusplus - C++ V8 JS Engine Linux PoC
Find Bugs in js/npm/nodejs code using Fuzz Testing (jsfuzz) - JavaScript Security #1
Browser Fuzzing via BFuzz
3rd Real World CTF: Exploiting V8 Interpreter by -1 Index to Descriptor Array
OffensiveCon23 - Samuel Groß & Carl Smith - Advancements in JavaScript Engine Fuzzing