SecuriTEA & Crumpets - Episode 5 - Parsia Hakimian

SecuriTEA & Crumpets is a series where security professionals come together to talk about their background, research, and interesting topics. The fifth episode is with Parsia Hakimian. He is a senior security engineer at Electronic Arts, Parsia has spoken at defcon on blockchain hacking and has a wide expertise in hacking games, thick clients, and modern web technologies. Parsia documents most of his brain on his blog https://parsiya.net/ and ramblings on his twitter https://twitter.com/CryptoGangsta.

In this episode, Parsia reverse engineers the cryptomagic protocol of Nordpass' browser extension. This involves Reversing JavaScript with VS Code's symbol renaming!

00:00 Intro
2:05 Life at EA Games
6:10 What technical skills are required to test video games?
12:37 Thick Clients
26:36 Parsia Clone
29:41 Manual Work Is A Bug
33:33 ESLinter
36:58 Live demo of debugging chrome extensions


References:
https://secret.club/
https://guidedhacking.com/
https://parsiya.net/
https://github.com/microsoft/AttackSurfaceAnalyzer
https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
https://github.com/googleprojectzero/symboliclink-testing-tools
https://queue.acm.org/detail.cfm?id=3197520
https://github.com/parsiya/eslinter
https://github.com/mandatoryprogrammer/tarnish
https://gchq.github.io/CyberChef/
https://grep.app

Тэги:

#Security #Infosec #appsec #security #hacking

Скачать видео