Agarri: Offensive information security

Welcome!
Agarri is small company dedicated to the offensive aspects of information security

Recently published vulnerabilities [+]

Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
Firefox: UAF during XSLT processing (MFSA 2017-01)

Upcoming "Burp Suite Pro" trainings [+]

~~Hack In The Box Amsterdam, Netherlands~~ CANCELLED
~~Northsec Montreal, Canada~~ CANCELLED
Insomni'hack Geneva, Switzerland (June, 1st 2020 - June, 3rd 2020)
Ringzer0 Las Vegas, USA (August, 1st 2020 - August, 4th 2020)
Ekoparty Buenos Aires, Argentina (September 20th, 2020 - September 22nd 2020)

Latest tweets [+]

@ant0inet @angealbertini It depends which kind of technicians you refer to... 😉 https://t.co/9BN4VMyiso
1. Thu Apr 09 20:24:27 2020
@dn3t Will do!
1. Thu Apr 09 19:30:38 2020
@daeken .@angealbertini may appreciate...
1. Thu Apr 09 19:17:04 2020
@angealbertini «The first time you do something, it’s science. The second time, it’s engineering. The third time, i… https://t.co/oeiXElADCp
1. Thu Apr 09 19:13:39 2020
@mod0 Looks good! (IANAL)
1. Thu Apr 09 18:40:40 2020

Recent talks [+]

Nearly generic fuzzing of XML-based formats
1. Nullcon (March 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (November 2015 - CA - video (FR))
2. Hack in Paris (June 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (December 2014 - CZ)
2. ZeroNights (November 2014 - RU - slides)
3. Hacktivity (October 2014 - HU - video)

Recent blog posts [+]

Intruder and CSRF-protected form, without macros
1. 13/01/2020 23h51
Back to blogging?
1. 24/01/2019 15h33
Exploiting a Blind XSS using Burp Suite
1. 04/04/2017 22h55
Deserialization in Perl v5.8
1. 06/02/2016 20h30
AMF parsing and XXE
1. 17/12/2015 19h16

webmaster@agarri.fr
Copyright 2010-2020 Agarri