Recently published vulnerabilities [+]

• Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
• Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
• Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
• Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
• Firefox: UAF during XSLT processing (MFSA 2017-01)

Upcoming "Burp Suite Pro" trainings [+]

• November 2020 in French on UTC+1 (November 3rd to 6th, 2020)
• December 2020 in English on UTC+1 (December 15th to 18th, 2020)
• January 2021 in French on UTC-5 (January 26th to 29th, 2021)
• February 2021 in English on UTC+8 (February 9th to 12th, 2021)
• March 2021 in English on UTC-8 (March 9th to 12th, 2021)

Recent talks [+]

• Nearly generic fuzzing of XML-based formats
  1. Nullcon (March 2017 - Goa - IN - slides - video)
• Server-side browsing considered harmful
  1. Hackfest (November 2015 - CA - video (FR))
  2. Hack in Paris (June 2015 - FR)
  3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
• Hunting for top bounties
  1. OWASP CZ (December 2014 - CZ)
  2. ZeroNights (November 2014 - RU - slides)
  3. Hacktivity (October 2014 - HU - video)