Agarri: Offensive information security

Recently published vulnerabilities [+]

Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
Firefox: UAF during XSLT processing (MFSA 2017-01)

RT @MalwareTechBlog: Little confused by this whole "Black Hat is racist" argument. The term came from hat colors in western movies, and has…
1. Sat Jul 04 22:40:06 2020
RT @dilbertstrip: Comic for July 04, 2020 #dilbert https://t.co/o5yPqneiuO https://t.co/3wP72C3abH
1. Sat Jul 04 21:46:34 2020
@dozernz @secalert Especially in SSRF scenarios!
1. Fri Jul 03 09:56:01 2020
@secalert I do exactly that!
1. Fri Jul 03 08:06:55 2020
RT @Agarri_FR: #ProTip When a webapp proposes several output formats (ex: json and xml), brute-force this value (txt, csv, raw, html, pdf,…
1. Fri Jul 03 07:25:08 2020

Nearly generic fuzzing of XML-based formats
1. Nullcon (March 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (November 2015 - CA - video (FR))
2. Hack in Paris (June 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (December 2014 - CZ)
2. ZeroNights (November 2014 - RU - slides)
3. Hacktivity (October 2014 - HU - video)