Recently published vulnerabilities [+]

• Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
• Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
• Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
• Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
• Firefox: UAF during XSLT processing (MFSA 2017-01)

Upcoming "Burp Suite Pro" trainings [+]

• Ringzer0 Las Vegas, USA (August 1st, 2nd, 4th and 6th 2020) SOLD OUT
• Ekoparty Buenos Aires, Argentina CANCELLED
• Center for Cyber Security Training San Francisco, CA (March 8th to 11th, 2021)
• Center for Cyber Security Training Columbia, MD (July 19th to 22nd, 2021)

Recent talks [+]

• Nearly generic fuzzing of XML-based formats
  1. Nullcon (March 2017 - Goa - IN - slides - video)
• Server-side browsing considered harmful
  1. Hackfest (November 2015 - CA - video (FR))
  2. Hack in Paris (June 2015 - FR)
  3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
• Hunting for top bounties
  1. OWASP CZ (December 2014 - CZ)
  2. ZeroNights (November 2014 - RU - slides)
  3. Hacktivity (October 2014 - HU - video)