Completed
Prototype Pollution - Electron
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Preloading Insecurity in Your Electron
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Anatomy of Electron-based Apps
- 3 Lifecycle
- 4 ContextIsolation 1/2
- 5 Electron is NOT a browser
- 6 From Browser to Electron - Attack Surface
- 7 From Browser to Electron- Isolation
- 8 Full chain exploit (Step 1)
- 9 Cross-Site Scripting
- 10 Full chain exploit (Step 2)
- 11 nodelntegration bypasses
- 12 Affected Configs
- 13 Exploits
- 14 Secure-by-Default Settings (v5)
- 15 Chromium Upgrades
- 16 Survey Results
- 17 preload - A neglected attack surface
- 18 Node's Buffer
- 19 Case Study - Wire App 1/3
- 20 Case Study - Discord 3/3
- 21 IpcMain and ipcRenderer 1/2
- 22 Leveraging the Internal Electron IPC
- 23 Case Study - (Again) Discord 3/3
- 24 Sandboxing 2/2
- 25 Native Capabilities, and Your Responsibility
- 26 Prototype Pollution - Preload
- 27 Case Study - Undisclosed 2/3
- 28 Prototype Pollution - Electron
- 29 Making Preload works with ContextIsolation
- 30 Black Hat Sound Bytes 2/3