Agarri: Offensive information security

Recently published vulnerabilities [+]

Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
Firefox: UAF during XSLT processing (MFSA 2017-01)

RT @brulboei_: @Jaxon1177 @Agarri_FR The real value is not only learning the technique, but @Agarri_FR also provides a platform to actually…
1. Sat Dec 04 22:23:14 2021
RT @Agarri_FR: @haiderinfosec @MrTuxracer Framed differently: you get reimbursed with a SINGLE critical bug. In your whole carrer. Much che…
1. Sat Dec 04 17:14:10 2021
@haiderinfosec @MrTuxracer Framed differently: you get reimbursed with a SINGLE critical bug. In your whole carrer. Much cheaper, isn't it?
1. Sat Dec 04 17:14:06 2021
@Jaxon1177 @brulboei_ Just a few examples. We go much deeper...
1. Sat Dec 04 14:50:09 2021
@Jaxon1177 @brulboei_ Consider a form using anti-CSRF tokens. How to brute-force it in Intruder, w/o macros? How t… https://t.co/mIShqIaN1d
1. Sat Dec 04 14:49:39 2021

Nearly generic fuzzing of XML-based formats
1. Nullcon (March 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (November 2015 - CA - video (FR))
2. Hack in Paris (June 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (December 2014 - CZ)
2. ZeroNights (November 2014 - RU - slides)
3. Hacktivity (October 2014 - HU - video)