Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Writing a New Decompiler for JRuby Security Audits

Hack In The Box Security Conference via YouTube

Overview

Explore the intricacies of security auditing for seldom-used technologies in this conference talk from the Hack In The Box Security Conference. Dive into the world of JRuby, a Java Virtual Machine language used by companies like Elastic, RedHat, and eazyBI. Learn how to navigate poorly documented software and turn black-box research into grey-box analysis. Discover the process of creating YBurj, a new free and open-source JRuby IR decompiler, which allows for automated recovery of compiled source code. Gain insights into vulnerabilities found during product audits using JRuby, and understand the challenges and rewards of choosing to explore unfamiliar technologies in security research. Follow along as the speaker, Dominic Couture, a staff security engineer at GitLab and bug bounty hunter, shares his experience in delving deep into the rabbit hole of JRuby and its Intermediate Representation (IR) format.

Syllabus

#HITB2023HKT D1T1 - Writing A New Decompiler Just For A Security Audit - Dominic Couture

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Writing a New Decompiler for JRuby Security Audits

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.