Fuzzing V8 Engine JavaScript WebAssembly API using Dharma by Patrick Ventuzelo

Learn how to fuzz WebAssembly APIs of the Chrome V8 JavaScript engine using Dharma.
📖 1 PDF, 📝 Cheatsheet & 🎞️ Video
In this course, I will first detail which WebAssembly JavaScript APIs are supported by the major browsers. Then, I'll explain how to use Dharma to generate valid JavaScript files that fuzz the WebAssembly APIs. Finally, I'll show you an easy way to execute those generated test cases against an ASAN build of the Chrome/V8 engine (d8), so that memory-safety bugs the API calls trigger are reported rather than silently corrupting state.
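To make the shape of such a test case concrete, here is an added example that is not part of the course materials or of the wasm.dg grammar: a hand-written JavaScript file that drives the WebAssembly JS API (validate, Module, Instance, exported call) over a constructed minimal module, wrapped in a small byte-mutation loop. The mutation loop is only a stand-in for Dharma's grammar-based generation; the seeded generator, the module bytes and the outcome categories are my own choices.

```javascript
'use strict';
// Added example (not from the course or its grammar): one WebAssembly
// JS-API test case of the kind a Dharma grammar would emit, plus a
// byte-mutation loop around it. Runs under Node.js or d8.

// Constructed input: the smallest useful module,
// (func (export "add") (param i32 i32) (result i32)
//   local.get 0 local.get 1 i32.add)
const ADD_MODULE = new Uint8Array([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,        // "\0asm" + version 1
  0x01, 0x07, 0x01, 0x60, 0x02, 0x7f, 0x7f, 0x01, 0x7f,  // type 0: (i32,i32)->i32
  0x03, 0x02, 0x01, 0x00,                                // one function of type 0
  0x07, 0x07, 0x01, 0x03, 0x61, 0x64, 0x64, 0x00, 0x00,  // export "add" = func 0
  0x0a, 0x09, 0x01, 0x07, 0x00, 0x20, 0x00, 0x20, 0x01, 0x6a, 0x0b, // code body
]);

// Walk the API surface being fuzzed: validate -> Module -> Instance -> call.
// Returns an outcome object so results can be checked programmatically.
function runTestcase(bytes) {
  const out = { valid: WebAssembly.validate(bytes), stage: 'validate',
                error: null, callResult: undefined };
  try {
    const mod = new WebAssembly.Module(bytes);
    out.stage = 'compile';
    const inst = new WebAssembly.Instance(mod, {});
    out.stage = 'instantiate';
    if (typeof inst.exports.add === 'function') {
      out.callResult = inst.exports.add(2, 3);
      out.stage = 'call';
    }
  } catch (e) {
    out.error = e.constructor.name; // e.g. 'CompileError', 'LinkError', 'RuntimeError'
  }
  return out;
}

// Copy-on-write single-byte mutation of a module.
function mutateByte(bytes, index, value) {
  const copy = new Uint8Array(bytes);
  copy[index] = value & 0xff;
  return copy;
}

// Deterministic LCG so a run is reproducible from its seed.
function lcg(seed) {
  let s = seed >>> 0;
  return () => { s = (Math.imul(s, 1664525) + 1013904223) >>> 0; return s; };
}

// Mutate one byte per iteration and tally how the engine classified it.
function fuzz(iterations, seed) {
  const rnd = lcg(seed);
  const tally = { valid: 0, CompileError: 0, LinkError: 0, other: 0 };
  for (let i = 0; i < iterations; i++) {
    const tc = mutateByte(ADD_MODULE, rnd() % ADD_MODULE.length, rnd());
    const r = runTestcase(tc);
    if (r.error === null) tally.valid++;
    else if (r.error in tally) tally[r.error]++;
    else tally.other++;
  }
  return tally;
}

// d8 exposes print(); Node exposes console.log.
const log = typeof console !== 'undefined' ? console.log : print;
log(runTestcase(ADD_MODULE));
log(fuzz(200, 1));
```

Everything this script catches is a JavaScript-level exception, which is the expected, uninteresting outcome. The bugs the course is after are the ones no `catch` sees: a process abort or an AddressSanitizer report when the same file is run with an ASAN build of d8 (`d8 testcase.js`), which is why the generated files are executed out-of-process rather than inside a try/catch.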

What's included?

4 files

Contents

Video
Video: Complete step-by-step tutorial
Materials
PDF: Fuzzing_V8_JavaScript_WebAssembly_APIs_With_Dharma.pdf
564 KB
Cheatsheet: All the commands for the tutorial
736 Bytes
Dharma grammar: wasm.dg
6.71 KB

Patrick Ventuzelo

Patrick Ventuzelo is a French Independent Security Researcher specialized in vulnerability research, fuzzing, reverse engineering and program analysis. 

Patrick has found hundreds of bugs using fuzzing and developed the open-source security tools Octopus and WARF.

Patrick is a regular speaker and trainer at various security conferences around the globe, including REcon, RingZer0, ToorCon, hack.lu, NorthSec, SSTIC, FIRST, Microsoft DCC, BlackAlps, etc.