Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @footePGH
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @footePGH
-
Jonathan Foote proslijedio/la je Tweet
Symbolically Executing WebAssembly in Manticore http://blog.trailofbits.com/2020/01/31/symbolically-executing-webassembly-in-manticore/ …pic.twitter.com/Zn32ctRoas
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Looks like we're in the final throws of getting
@bytecodeallies wasmtime accepted into oss-fuzz, which would be the first@rustlang fuzz targets running there ever AFAIK. Thanks to@fitzgen @jonathanmetzman (and team)@fastly for helping make this happen. Pretty cool.Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
libFuzzer fuzzing SQLite in the browser using WebAssembly: https://jonathanmetzman.github.io/wasm-fuzzing-demo/sqlite/sqlite.html …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
First #wasm security blogpost of 2020
Some people ask me, so here is how to start fuzzing #WebAssembly APIs of#browser JavaScript engines like Chrome/V8. In this blogpost, I'm using:
Dharma/Domato
Chrome/v8 ASan pre-built
Honggfuzz ;)https://webassembly-security.com/fuzzing-wasm-javascript-dharma-chrome-v8/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
New #WebAssembly security blogpost
Do you know that it's pretty easy to create an HTML/JS/Wasm module polyglot?
Those polyglot files are consider as valid:
HTML/Javascript files
WebAssembly modules
https://webassembly-security.com/polyglot-webassembly-module-html-js-wasm/ …
Kudos to @angealbertini for the help ;)Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
The initial set of TTPs for ATT&CK Cloud is relatively small but a good start. Should be useful. Thanks to all the contributors
@MITREattack@MsftSecIntel@Netskope@praetorianlabs. Some useful updates to the other frameworks and tools as well
https://twitter.com/MITREattack/status/1187366974529126401 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Does anyone happen to know of something like a
@MITREattack matrix for cloud IaaS (AWS, GCP, et. al.) TTPs?Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
Some quick outline about my 4-days
#webassembly security training at@reconmtl : * Reversing wasm module * Static & dynamic analysis (Tainting, DBI, Debugging) * De/obfuscation * Vulnerability research inside wasm module * wasm CVEs * Fuzzing wasm VM https://recon.cx/2019/montreal/training/trainingwebassembly.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
It's here!
Meet Lucet, our latest open-source project — designed to take WebAssembly beyond the browser + build a platform for faster, safer execution on Fastly’s edge cloud.https://fastly.us/2THjfhN Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
WebAssembly running outside the web has a huge future. And that future gets one giant leap closer today with...
Announcing WASI: A system interface for running WebAssembly outside the web (and inside it too)https://hacks.mozilla.org/2019/03/standardizing-wasi-a-webassembly-system-interface/ …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
We're excited to present CRXcavator (http://crxcavator.io ) to help you examine Chrome extensions to understand the risk they could introduce.
@crxpert discusses the service's design and just some of our analysis of all the extensions on the Web Store: http://duo.sc/crxcavator pic.twitter.com/aOHpeAezs7
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
ClusterFuzz, an infrastructure used for fuzzing Chrome and OSS-Fuzz, is open source now! Enjoy responsibly :) Blog: https://opensource.googleblog.com/2019/02/open-sourcing-clusterfuzz.html … Code: https://github.com/google/clusterfuzz …
#fuzzing#chrome#oss#security#clusterfuzzHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I highly recommend checking out https://www.dabeaz.com/sicp.html if you're into this sort of thing. The instructor and content (and the other students) were excellent. Days later I am still having weird dreams about lambda calculus. Thanks
@dabeaz,@WillingCarol@_JustinMoon_, and Mike B.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
Some really good work here by
@sirus -https://duo.com/blog/secure-boot-in-the-era-of-the-t2 …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Jonathan Foote proslijedio/la je Tweet
Edge innovation is baked into the history of Fastly. And it’s where we’re headed in the future.
Introducing Fastly Labs:https://fastly.us/2Q89Yl7 Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
/cc
@Pat_Ventuzelo@justinengler ^ in case you haven't seen itPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
http://wasabi.software-lab.org dynamic instrumentation framework for WebAssembly programs (code and paper). You can try it in the browser.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This paper from
@justinengler,@_kablaa and co. explores attacks against emscripten-generated WebAssembly programs in web embeddings (i.e. browsers and node.js): http://i.blackhat.com/us-18/Thu-August-9/us-18-Lukasiewicz-WebAssembly-A-New-World-of-Native_Exploits-On-The-Web-wp.pdf …. Worth a read if you're into WebAssembly. /cc@kripkenHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Some hands-on examples around hijacking the control flow of a WebAssembly program and then mitigating the attack vector: https://www.fastly.com/blog/hijacking-control-flow-webassembly-program …. A demo from the talk I gave at
@duosec::@duo_labs written up for the@fastly blog.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
