Zoom Link: https://nus-sg.zoom.us/meeting/register/tZUpcuirrDsuG9DISlW-hwaCL2-bhpr9--A5

Slides and materials can be found here.

Talk 1: 1900Hrs - 1945Hrs

Title: A Quick Introduction to Manual Source Code Review

Description

If you are new to web security, or wish to look at open source codebases for 0-days but is unsure of how to, feel free to attend and gain some insights to get started on your own. This sharing is about my experience and bugs discovery while looking at Chamilo LMS.

Speaker Bio

Jia Hao is a Greyhats alumnus and currently a security researcher at STAR Labs.

Talk 2: 1945Hrs - 2030Hrs

Title: A case study of an incorrect bitwise and optimization in V8

Description

This presentation is an introduction to developing a proof-of-concept for a Chrome V8 Turbofan vulnerability. In this session, we will take a look at an example, starting with what the bug is, and how the author of an incorrect optimization bug might have developed the POC leading to an out-of-bounds access. Details of exploitation will not be covered but an overview will be given.

Speaker Bio

Lucas is a security researcher in STAR Labs, whose work is mainly focused on n-day analyses.