Hunting bugs in JavaScriptCore with CodeQL

This presentation was held at #BSidesBUD2021 virtual IT security conference on 27th May 2021. Hunting bugs in JavaScriptCore with CodeQL a presentation by Assaf Sion Hunting bugs in JavaScriptCore might be a difficult task to the common security researcher, but fear no more, CodeQL is here for the rescue! During this presentation we will learn what are side-effects in JavaScript and how they could cause bugs in the JavaScript engine. Then, we’ll gain knowledge about the capabilities of CodeQL, and discover the potential of variant analysis with CodeQL by translating these bugs into a pattern that CodeQL could find. https://bsidesbud.com All rights reserved.