exploits
disable-webassembly
exploits | disable-webassembly | |
---|---|---|
15 | 5 | |
2,486 | 102 | |
- | - | |
0.0 | 0.0 | |
over 1 year ago | over 1 year ago | |
C | ||
BSD 2-clause "Simplified" License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
exploits
-
POV: you just wrote print("hello world") for the first time
If you still feel that's not "proper hacking", consider exploits that target the browser engine directly - those exploits are typically written in JavaScript. Here's an 0day from this week that gets code exec inside Chrome, written in JavaScript.
- Exploit for pwn2own Chrome zeroday released by third party researcher
- chrome 0day
-
Chrome zero-day released on GitHub (fixed on V8 but still works on latest)
Repo leads to this one from a few days ago, looks similar, maybe can help?
https://github.com/r4j0x00/exploits/tree/7ba55e5ab034d058774...
-
ELECTRIC CHROME: Exploiting CVE-2020-6418 on Tesla Model 3
Coincidentally, a Chromium 0day was released this morning that will very likely work out of the box on the latest Tesla software to get arbitrary code execution within the sandbox (tonight's little project, most likely).
- Chrome 0-Day
- Exploit of CVE-2020-16040 Google Chrome <= 87.0.4280.88 vulnerability
disable-webassembly
-
CheerpJ 3.0: a JVM replacement in HTML5 and WASM to run Java on modern browsers
Just in case those who prefer not to allow Java need this, here's some info about disabling WASM in various browsers.
https://github.com/stevespringett/disable-webassembly
-
Disable WASM?
Dear All, I was reading https://github.com/stevespringett/disable-webassembly and was wondering if WASM can be disabled in qutebrowser or if it already is disabled when content.javascript.enabled is set to false?
- How-To for disabling WASM (web assembly) to reduce risk (GitHub)
-
Chrome zero-day released on GitHub (fixed on V8 but still works on latest)
For Chrome you can also run:
chrome --js-flags=--noexpose_wasm
More info for other browsers and platforms:
https://github.com/stevespringett/disable-webassembly
- Best Browser for privacy?
What are some alternatives?
WHATWG HTML Standard - HTML Standard
Metasploit - Metasploit Framework
ndk - The Android Native Development Kit
wrangler-legacy - 🤠Home to Wrangler v1 (deprecated)
jvm-alternatives-to-js - Repository comparing JVM alternatives to JS: CheerpJ, GWT, JSweet, TeaVM, Vaadin Flow, bck2brwsr (bonus: React, Dart)
ios-RCE-Vulnerability - Latest ios RCE Vulnerability disclosed by Google Security Researcher
printfify - printf(1)-based encoder
Bytecoder - Framework to interpret and transpile JVM bytecode to JavaScript, OpenCL or WebAssembly.
kotlin-wasm-examples - Examples with Kotlin/Wasm