|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@
Pat_Ventuzelo
France
|
|
Independent Security Researcher // Freelancer // #WebAssembly & #Rustlang Security Trainer // I'm doing Reversing, Vulnerability Research & Fuzzing.
|
|
|
4.794
Tweetovi
|
1.073
Pratim
|
788
Osobe koje vas prate
|
| Tweetovi |
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
24 h |
|
Want to reverse #wasm module? Analyze cryptominer? #fuzzing WebAssembly VMs?
➡️ Reversing & Fuzzing #WebAssembly
⏲️ 3-Days
🇳🇱Amsterdam at #HITB2020AMS
🗓️ 20 -22 April 2020
⬇️ Detailed outline ⬇️
conference.hitb.org/hitbsecconf202…
@HITBSecConf @HITBMedia @HITBArmory
|
||
|
|
||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
19 h |
|
Second time I will give my training at @reconmtl.
I got amazing attendees last year so I'm really looking forward for this year !!!
recon.cx/2020/montreal/… pic.twitter.com/6NRejIkV69
|
||
|
|
||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
24 h |
|
Want to reverse #wasm module? Analyze cryptominer? #fuzzing WebAssembly VMs?
➡️ Reversing & Fuzzing #WebAssembly
⏲️ 3-Days
🇳🇱Amsterdam at #HITB2020AMS
🗓️ 20 -22 April 2020
⬇️ Detailed outline ⬇️
conference.hitb.org/hitbsecconf202…
@HITBSecConf @HITBMedia @HITBArmory
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
30. sij |
|
🎉 New #fuzzing blogpost :)
Quick blogpost about how I found a OOM/DoS bug in a famous @npmjs/@nodejs package using coverage-guided #javascript fuzzer.
➡️ Fuzzer: Jsfuzz by @fuzzitdev
➡️ Target: wasm-parser
➡️ Bug: DoS/OOM
webassembly-security.com/fuzzing-npm-no…
#WeAssembly #js #wasm #NodeJS
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
ringzerø.training
@_ringzer0
|
30. sij |
|
#Blackhat has 151 trainings. We have 18.
18 of the best hacker trainings you can ever find.
#SimplifyYourChoices
Early 🐦 prices are still available at #Ringzer0!
Register now ➡️ ringzer0.training
RTs appreciated!
#QUALITYvsQUANTITY pic.twitter.com/uDo3MDzh36
|
||
|
|
||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
30. sij |
|
🎉 New #fuzzing blogpost :)
Quick blogpost about how I found a OOM/DoS bug in a famous @npmjs/@nodejs package using coverage-guided #javascript fuzzer.
➡️ Fuzzer: Jsfuzz by @fuzzitdev
➡️ Target: wasm-parser
➡️ Bug: DoS/OOM
webassembly-security.com/fuzzing-npm-no…
#WeAssembly #js #wasm #NodeJS
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
Nicolas Krassas
@Dinosn
|
9. sij |
|
Fuzzing JavaScript WebAssembly APIs using Dharma/Domato (on Chrome/V8)
webassembly-security.com/fuzzing-wasm-j…
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
WebAssemblyWeekly
@WasmWeekly
|
9. sij |
|
Fuzzing JavaScript WebAssembly APIs using Dharma/Domato webassembly-security.com/fuzzing-wasm-j… - an interesting post that looks at testing the wasm JS APIs for bugs and vulnerabilities
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
/r/netsec
@_r_netsec
|
9. sij |
|
Fuzzing JavaScript WebAssembly APIs with Dharma/Domato (Chrome/v8) webassembly-security.com/fuzzing-wasm-j…
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
Alexander Chopan
@alexanderchopan
|
16. kol |
|
Analysis of Google Keep WebAssembly module | WebAssembly Security (“There aren’t that many people using WebAssembly in production yet, although one notable usage is within GoogleKeep, a cross-platform note-taking app”)
buff.ly/2ZagaJM
|
||
|
|
||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
29. sij |
|
Will be available on YouTube as well? ;)
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
28. sij |
|
🐦 Only 4 days left to enjoy the early bird discount 🔥
➡️ Reversing & Fuzzing #WebAssembly
⏲️ 3-Days
🇳🇱 Amsterdam at @HITBSecConf
🗓️ 20 -22 April 2020
conference.hitb.org/hitbsecconf202…
|
||
|
|
||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
28. sij |
|
🐦 Only 4 days left to enjoy the early bird discount 🔥
➡️ Reversing & Fuzzing #WebAssembly
⏲️ 3-Days
🇳🇱 Amsterdam at @HITBSecConf
🗓️ 20 -22 April 2020
conference.hitb.org/hitbsecconf202…
|
||
|
|
||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
27. sij |
|
I will give a workshop about how to reverse eWasm smart contract ;)
#WebAssembly @EthCC_ #EthCC twitter.com/EthCC_/status/…
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
Jonathan Foote
@footePGH
|
23. sij |
|
Looks like we're in the final throws of getting @bytecodeallies wasmtime accepted into oss-fuzz, which would be the first @rustlang fuzz targets running there ever AFAIK.
Thanks to @fitzgen @jonathanmetzman (and team) @fastly for helping make this happen. Pretty cool.
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
Jacques Favreau
@betaorbust
|
22. sij |
|
Holy smokes! @Microsoft comes flying into the ring with Puppeteer-on-12-cups-of-coffee — Playwright does native browser automation on Chromium, WebKit, and Firefox. 🤯🤯
github.com/microsoft/play…
|
||
|
|
||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
23. sij |
|
Is ChakraCore still used by @Microsoft?
Because it's pretty funny to see the number of github issues with *potential 0-days* crashtests insides.
github.com/microsoft/Chak…
|
||
|
|
||
|
ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ
@Pat_Ventuzelo
|
21. sij |
|
Which subject about #WebAssembly security do you want for my next blogpost?
Old blogposts here: webassembly-security.com/blog
Training:
webassembly-security.com
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
Maurício Aniche
@mauricioaniche
|
20. sij |
|
We (@serg_delft) just opened our software testing lecture notes. It currently contains 14 full chapters, 52k words, 63 videos, and 82 exercises. License: CC-BY-NC-SA. Feel free to use it! sttp.site
|
||
|
|
||
| ᴘᴀᴛʀɪᴄᴋ ᴠᴇɴᴛᴜᴢᴇʟᴏ proslijedio/la je tweet | ||
|
Silvio Cesare
@silviocesare
|
18. sij |
|
My first blog post on browser exploitation for
@infosectcbr. I'll look at how to pop xcalc on current Linux Spidermonkey given a relative (oob) rw bug. Spidermonkey is the JavaScript Engine in Firefox. Exploit code also supplied. blog.infosectcbr.com.au/2020/01/firefo…
|
||
|
|
||