Completed
Lifecycle
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Preloading Insecurity in Your Electron
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Anatomy of Electron-based Apps
- 3 Lifecycle
- 4 ContextIsolation 1/2
- 5 Electron is NOT a browser
- 6 From Browser to Electron - Attack Surface
- 7 From Browser to Electron- Isolation
- 8 Full chain exploit (Step 1)
- 9 Cross-Site Scripting
- 10 Full chain exploit (Step 2)
- 11 nodelntegration bypasses
- 12 Affected Configs
- 13 Exploits
- 14 Secure-by-Default Settings (v5)
- 15 Chromium Upgrades
- 16 Survey Results
- 17 preload - A neglected attack surface
- 18 Node's Buffer
- 19 Case Study - Wire App 1/3
- 20 Case Study - Discord 3/3
- 21 IpcMain and ipcRenderer 1/2
- 22 Leveraging the Internal Electron IPC
- 23 Case Study - (Again) Discord 3/3
- 24 Sandboxing 2/2
- 25 Native Capabilities, and Your Responsibility
- 26 Prototype Pollution - Preload
- 27 Case Study - Undisclosed 2/3
- 28 Prototype Pollution - Electron
- 29 Making Preload works with ContextIsolation
- 30 Black Hat Sound Bytes 2/3