NoJITsu - Locking Down JavaScript Engines

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Explore data-only attacks against dynamic scripting environments in this 32-minute Black Hat conference talk. Delve into the vulnerabilities of web browsers and modern applications that embed scripting engines for interactive content. Understand how just-in-time compilation, used to optimize performance, can be exploited by adversaries to achieve code execution or elevate privileges. Learn about the corruption of sensitive data, such as the intermediate representation of optimizing JIT compilers, and discover the various defenses being developed to protect just-in-time compilers. Gain insights from speaker Taemin Park on the evolving landscape of security threats and countermeasures in JavaScript engines.

Syllabus

NoJITsu: Locking Down JavaScript Engines

Taught by

Black Hat

Reviews

Start your review of NoJITsu - Locking Down JavaScript Engines

Taught by

JavaScript Engines - How Do They Even?

Demystifying JavaScript Engines

JavaScript JITs

The Hat Trick - Exploit Chrome Twice from Runtime to JIT

Return to Where? You Can't Exploit What You Can't Find

Locking the Throne Room - ECMA Script 5, a Frozen DOM and the Eradication of XSS

5 Best Free Web Development Courses for 2024: Over 900 Hours of Learning

100+ Free Courses to Learn JavaScript, React, Node

10 Best JavaScript Courses for 2024: Create Interactive Websites

Never Stop Learning.