Home
Company
Publications
Trainings
Blog
Welcome!
Agarri is small company dedicated to the offensive aspects of information security
Recently published vulnerabilities
[+]
Adobe Reader: Multiple memory corruptions during XSLT processing (
APSB 17-11
)
Firefox: Multiple UAF during XSLT processing (
MFSA 2017-10
)
Revive Adserver: Arbitrary PHP deserialization (
REVIVE-SA-2017-001
)
Adobe Reader: Multiple memory corruptions during XSLT processing (
APSB 17-01
)
Firefox: UAF during XSLT processing (
MFSA 2017-01
)
Upcoming "Burp Suite Pro" trainings
[+]
Details of upcoming sessions will be published in April or May 2021.
Latest tweets
[+]
RT
@tylerni7
: The international politics aspect of this is beyond my expertise. But PT has great security researchers that release useful,โฆ
Thu Apr 15 19:40:57 2021
I would bet numerous actors are highly interested in remotely reading /sdcard/ ๐ฎโโ๏ธ๐ต๏ธโโ๏ธ
Thu Apr 15 19:33:34 2021
Cool bug, and itโs only the beginning of their chain. Read the whole thread ๐
https://t.co/RQP5P7gsCQ
Thu Apr 15 19:30:03 2021
Sometimes, reporting bugs to a vendor goes very well. Good job
@duosec
and
@sensepost
๐๐ป
https://t.co/xCj4I8OBtP
Thu Apr 15 17:49:21 2021
RT
@i_bo0om
: Server-side request forgery via ftp account
https://t.co/hbRoCq4Q8S
Wed Apr 14 07:27:50 2021
Recent talks
[+]
Nearly generic fuzzing of XML-based formats
Nullcon
(March 2017 - Goa - IN -
slides
-
video
)
Server-side browsing considered harmful
Hackfest
(November 2015 - CA -
video (FR)
)
Hack in Paris
(June 2015 - FR)
HackPra Allstars - OWASP AppSec EU
(May 2015 - NL -
slides
-
video
)
Hunting for top bounties
OWASP CZ
(December 2014 - CZ)
ZeroNights
(November 2014 - RU -
slides
)
Hacktivity
(October 2014 - HU -
video
)
Recent blog posts
[+]
Intruder and CSRF-protected form, without macros
13/01/2020 23h51
Back to blogging?
24/01/2019 15h33
Exploiting a Blind XSS using Burp Suite
04/04/2017 22h55
Deserialization in Perl v5.8
06/02/2016 20h30
AMF parsing and XXE
17/12/2015 19h16
webmaster@agarri.fr
Copyright 2010-2020 Agarri
