Agarri: Offensive information security

Recently published vulnerabilities [+]

Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
Firefox: UAF during XSLT processing (MFSA 2017-01)

RT @Agarri_FR: Maybe you'll be one of the lucky 237,000: curl 'https://{www,admin,test}.rutux.pwn/[2000-2022]/'
1. Mon Sep 27 11:09:31 2021
RT @jsrailton: BREAKING: FIVE French 🇫🇷 ministers' phones infected w/ #Pegasus spyware, per Gov. @jmblanquer - Education @J_Denormandie -…
1. Fri Sep 24 13:35:25 2021
If you miss the reference to 237,000, that's 10,000 * world population / US population https://t.co/TQrnD2e8BJ
1. Fri Sep 24 11:37:57 2021
Maybe you'll be one of the lucky 237,000: curl 'https://{www,admin,test}.rutux.pwn/[2000-2022]/'
1. Fri Sep 24 11:36:00 2021
2 seats left 🌪️
1. Thu Sep 23 08:37:25 2021

Nearly generic fuzzing of XML-based formats
1. Nullcon (March 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (November 2015 - CA - video (FR))
2. Hack in Paris (June 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (December 2014 - CZ)
2. ZeroNights (November 2014 - RU - slides)
3. Hacktivity (October 2014 - HU - video)