Jonathan Foote

@footePGH

Principal security architect at . R&D junkie. Security dad.

Pittsburgh, PA, USA
Vrijeme pridruživanja: svibanj 2008.

Tweetovi

Blokirali ste korisnika/cu @footePGH

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @footePGH

  1. proslijedio/la je Tweet
    31. sij
    Poništi
  2. 23. sij

    I mean 😬

    Prikaži ovu nit
    Poništi
  3. 23. sij

    Looks like we're in the final throws of getting wasmtime accepted into oss-fuzz, which would be the first fuzz targets running there ever AFAIK. Thanks to @jonathanmetzman (and team) for helping make this happen. Pretty cool.

    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    13. pro 2019.

    libFuzzer fuzzing SQLite in the browser using WebAssembly:

    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet

    🎉 First security blogpost of 2020 🎉 Some people ask me, so here is how to start fuzzing APIs of JavaScript engines like Chrome/V8. In this blogpost, I'm using: ✅ Dharma/Domato ✅ Chrome/v8 ASan pre-built ✅ Honggfuzz ;)

    Poništi
  6. proslijedio/la je Tweet

    🎉 New security blogpost 🎉 Do you know that it's pretty easy to create an HTML/JS/Wasm module polyglot? Those polyglot files are consider as valid: ✅ HTML/Javascript files ✅ WebAssembly modules Kudos to for the help ;)

    Poništi
  7. 24. lis 2019.

    The initial set of TTPs for ATT&CK Cloud is relatively small but a good start. Should be useful. Thanks to all the contributors . Some useful updates to the other frameworks and tools as well 👍

    Poništi
  8. 17. lis 2019.

    Does anyone happen to know of something like a matrix for cloud IaaS (AWS, GCP, et. al.) TTPs?

    Poništi
  9. proslijedio/la je Tweet

    Some quick outline about my 4-days security training at : * Reversing wasm module * Static & dynamic analysis (Tainting, DBI, Debugging) * De/obfuscation * Vulnerability research inside wasm module * wasm CVEs * Fuzzing wasm VM

    Poništi
  10. proslijedio/la je Tweet
    28. ožu 2019.

    🎉It's here! 🎉Meet Lucet, our latest open-source project — designed to take WebAssembly beyond the browser + build a platform for faster, safer execution on Fastly’s edge cloud.

    Poništi
  11. proslijedio/la je Tweet
    27. ožu 2019.

    WebAssembly running outside the web has a huge future. And that future gets one giant leap closer today with... 📢 Announcing WASI: A system interface for running WebAssembly outside the web (and inside it too)

    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    21. velj 2019.

    We're excited to present CRXcavator () to help you examine Chrome extensions to understand the risk they could introduce. discusses the service's design and just some of our analysis of all the extensions on the Web Store:

    Poništi
  13. proslijedio/la je Tweet
    7. velj 2019.

    ClusterFuzz, an infrastructure used for fuzzing Chrome and OSS-Fuzz, is open source now! Enjoy responsibly :) Blog: Code:

    Poništi
  14. 13. sij 2019.

    I highly recommend checking out if you're into this sort of thing. The instructor and content (and the other students) were excellent. Days later I am still having weird dreams about lambda calculus. Thanks , , and Mike B.

    Poništi
  15. proslijedio/la je Tweet
    20. stu 2018.
    Poništi
  16. proslijedio/la je Tweet
    20. stu 2018.

    🚀 Edge innovation is baked into the history of Fastly. And it’s where we’re headed in the future. Introducing Fastly Labs:

    Poništi
  17. 24. ruj 2018.

    /cc ^ in case you haven't seen it

    Prikaži ovu nit
    Poništi
  18. 24. ruj 2018.

    dynamic instrumentation framework for WebAssembly programs (code and paper). You can try it in the browser.

    Prikaži ovu nit
    Poništi
  19. 11. kol 2018.

    This paper from , and co. explores attacks against emscripten-generated WebAssembly programs in web embeddings (i.e. browsers and node.js): . Worth a read if you're into WebAssembly. /cc

    Poništi
  20. 29. lip 2018.

    Some hands-on examples around hijacking the control flow of a WebAssembly program and then mitigating the attack vector: . A demo from the talk I gave at :: written up for the blog.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·