This talk has been given in Nov 2018 at the Toorcon San Diego conference when I was still working for my older employer QuoScient. It's still a good introduction to WebAssembly analysis and a really short overview of my WebAssembly training.
In this talk, I will first introduce WebAssembly concepts and who currently used it in the wild. Secondly, I will show different WebAssembly VM available and explain the security measures implemented into it. Finally, I will show you, throw real life WASM modules, how to do static analysis, using techniques such as reversing, control flow and calls flow analysis, to understand deeper its behaviors. Along the talk, I will used multiple open source tools but mainly the one that I have developed and that is already available on Github (Octopus).