Agarri: Offensive information security

Recently published vulnerabilities [+]

Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
Firefox: UAF during XSLT processing (MFSA 2017-01)

I'm suprised that @Mandiant's recent blog post about obfuscated IP addresses only consider the cases with 0 or 3 do… https://t.co/b9bmVaRq16
1. Thu Jun 01 16:02:21 2023
Yippee, my talk is listed in the "tl;dr sec" newletter! 😎 https://t.co/9jdIBXmQTs
1. Thu Jun 01 15:38:21 2023
RT @MasteringBurp: This month, Burp will be 20 years old 🎂
1. Thu Jun 01 15:17:41 2023
@therealdanymat @Jhaddix @NorthSec_io I assume ffuf and Burp Suite are running on the same machine. If they aren’t,… https://t.co/g1glo82Fnn
1. Fri May 26 16:40:40 2023
RT @Jhaddix: An epic talk on advanced Burp Suite usage by @Agarri_FR at @NorthSec_io : "Burp Suite Pro tips and tricks, the sequel" http…
1. Fri May 26 16:38:20 2023

Nearly generic fuzzing of XML-based formats
1. Nullcon (March 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (November 2015 - CA - video (FR))
2. Hack in Paris (June 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (December 2014 - CZ)
2. ZeroNights (November 2014 - RU - slides)
3. Hacktivity (October 2014 - HU - video)