Julio Araujo
Head of Security @ Rocket.Chat
Orléans, France
Actions
Brazilian security professional based in France, Julio Araujo is currently the Head of Security at Rocket.Chat. With over 5 years of experience in the offensive and application security spaces, his challenge revolves around securing an open-source project that is used in critical industries.
Links
Area of Expertise
Topics
Introduction to Hacking Electron Apps: From Bug to Breach
Electron powers many of today’s most popular desktop applications. However, hidden within these applications, there could be serious and overlooked misconfigurations. We’ll delve into how minor errors, such as enabling nodeIntegration, using insecure ASAR packaging, and so on, can escalate into system compromise.
This talk will provide practical examples by leveraging vulnerable applications. We’ll demonstrate how Cross-Site Scripting (XSS) can lead to Remote Code Execution (RCE) and how the lack of ASAR integrity can enable attackers to establish persistence on a victim’s computer.
The purpose of this talk is to introduce the topic of Electron-based security issues to a broad and diverse audience, shedding light on the security of modern desktop applications.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top