disable-webassembly
exploits
disable-webassembly | exploits | |
---|---|---|
5 | 15 | |
102 | 2,486 | |
- | - | |
0.0 | 0.0 | |
almost 2 years ago | over 1 year ago | |
C | ||
- | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
disable-webassembly
-
CheerpJ 3.0: a JVM replacement in HTML5 and WASM to run Java on modern browsers
Just in case those who prefer not to allow Java need this, here's some info about disabling WASM in various browsers.
https://github.com/stevespringett/disable-webassembly
-
Disable WASM?
Dear All, I was reading https://github.com/stevespringett/disable-webassembly and was wondering if WASM can be disabled in qutebrowser or if it already is disabled when content.javascript.enabled is set to false?
- How-To for disabling WASM (web assembly) to reduce risk (GitHub)
-
Chrome zero-day released on GitHub (fixed on V8 but still works on latest)
For Chrome you can also run:
chrome --js-flags=--noexpose_wasm
More info for other browsers and platforms:
https://github.com/stevespringett/disable-webassembly
- Best Browser for privacy?
exploits
-
POV: you just wrote print("hello world") for the first time
If you still feel that's not "proper hacking", consider exploits that target the browser engine directly - those exploits are typically written in JavaScript. Here's an 0day from this week that gets code exec inside Chrome, written in JavaScript.
- Exploit for pwn2own Chrome zeroday released by third party researcher
- chrome 0day
-
Chrome zero-day released on GitHub (fixed on V8 but still works on latest)
Repo leads to this one from a few days ago, looks similar, maybe can help?
https://github.com/r4j0x00/exploits/tree/7ba55e5ab034d058774...
-
ELECTRIC CHROME: Exploiting CVE-2020-6418 on Tesla Model 3
Coincidentally, a Chromium 0day was released this morning that will very likely work out of the box on the latest Tesla software to get arbitrary code execution within the sandbox (tonight's little project, most likely).
- Chrome 0-Day
- Exploit of CVE-2020-16040 Google Chrome <= 87.0.4280.88 vulnerability
What are some alternatives?
Metasploit - Metasploit Framework
WHATWG HTML Standard - HTML Standard
ndk - The Android Native Development Kit
jvm-alternatives-to-js - Repository comparing JVM alternatives to JS: CheerpJ, GWT, JSweet, TeaVM, Vaadin Flow, bck2brwsr (bonus: React, Dart)
wrangler-legacy - 🤠Home to Wrangler v1 (deprecated)
ios-RCE-Vulnerability - Latest ios RCE Vulnerability disclosed by Google Security Researcher
Bytecoder - Framework to interpret and transpile JVM bytecode to JavaScript, OpenCL or WebAssembly.
printfify - printf(1)-based encoder
kotlin-wasm-examples - Examples with Kotlin/Wasm