WebAssembly Reverse Engineering

Learn the basis of the WebAssembly ecosystem and how to reverse engineer wasm modules.
🎞️ 36 videos / ⏱️ 4.5 hours / 📖 200 slides

Buy now

What you'll learn

In this course, you will focus on the basics of WebAssembly and its ecosystem. You will learn how to reverse-engineer and analyze real-life modules using both the binary format and the text representation. Also, you will have the opportunity to apply much of the theory in practice over small hands-on assignments to highlight aspects of working with WebAssembly.

Assignment #1 - WebAssembly compilation

Compile C/C++/Rust code into WebAssembly.
Observe how Javascript interact with wasm module.
Discover how Emscripten works and why it is useful.

Assignment #2 - WebAssembly text format and debugging

Convert binary module into wasm text format representation.
Debug module execution step-by-step using browsers.
Analyze WebAssembly instructions to understand module logic.

Assignment #3 - Real-World: Browser addons analysis

Learn how wasm module can be stored inside browser addons.
Identify module entrypoints and architecture.
Determine module behaviors and origins.

Assignment #4 - WebAssembly reverse engineering

Disassemble and analyze module instructions.
Generate functions Control and Data flow graph (CFG and DFG).
Extract and modify wasm modules to solve challenges.

$2,400

WebAssembly Reversing and Dynamic Analysis

Learn how to reverse engineer WebAssembly modules, handle bytecode obfuscation and perform in-depth dynamic analysis.

Buy now Learn more

What's included?

Welcome & Summary

Quick welcome and presentation of the summary of this course.

Welcome & Overview

Preview

Summary

Preview

Materials

Day1_WebAssembly_reverse_engineering.pdf

wasm_reversing_day1.zip

1. Introduction to WebAssembly

1.0 - Introduction to WebAssembly

1.1 - WebAssembly toolchains

1.2 - Exercise - Quick examples

1.3 - WebAssembly ABIs

1.4 - Other WebAssembly toolchains

2. WebAssembly VMs

2.0 - WebAssembly VM architecture

2.1 - Web-browsers

2.2 - Standalone VMs & Interpreters

2.3 - Exercises - Quick examples

3. WebAssembly Binary & Text Format

3.0 - WebAssembly Text Format

3.1 - Exercises - Extra

3.2 - Debugging wasm Module (Browser)

3.3 - Debugging wasm Module (Standalone VM)

3.4 - Wasm Binary Format

4. Real-life Module Analysis: Browser Addons

4.0 - Browser Addons

4.1 - Exercises #1 - Complete Analysis

4.2 - Exercises #2

4.3 - Exercises #2 - Solution

4.4 - Exercises #3

4.5 - Exercises #3 - Solution

4.6 - Exercises #4

4.7 - Exercises #4 - Solution

5. WebAssembly Module Reversing Engineering

5.0 - WebAssembly Instructions Set

5.1 - CTF challenge #1

5.2 - CTF challenge #1 - Solution

5.3 - Disassembler & Reversing Tools

5.4 - Control Flow Graph (CFG)

5.5 - CTF challenge #2

5.6 - CTF challenge #2 - First Solution

5.7 - CTF challenge #2 - Second Solution

6. Call Graph & Data Flow Graph Analysis

6.0 - Call Flow Graph

6.1 - Data Flow Graph

6.2 - CTF challenge #3

6.3 - CTF challenge #3 - Solution

6.4 - Closing remarks

Meet Your Instructor

Hey! 👋 My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

You can read more about me by clicking here.

X Linked_in Youtube Website Mail

FREE Resources & Trainings

Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. 👇