Agarri: Offensive information security

Recently published vulnerabilities [+]

Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
Firefox: UAF during XSLT processing (MFSA 2017-01)

@hackingkurzy It was PayloadPayload. But IRL, try both! 😉
1. Mon Sep 20 15:54:47 2021
RT @jsrailton: WATCH: an election being stolen in realtime. Join me on a THREAD of videos from Russia🇷🇺 this weekend. Exhibit A: can you…
1. Mon Sep 20 15:49:22 2021
#Protip When testing a sanitizer, always try to inject the payload twice. Exemple of the day (w/o any security impa… https://t.co/FhhXSZratc
1. Mon Sep 20 15:00:54 2021
RT @ericfreyss: Je rappelle qu'on peut signaler tout vulnérabilité ou faille de sécurité découverte sur un SI français soit en prenant cont…
1. Sun Sep 19 19:40:35 2021
The French Touch 👌🇫🇷 https://t.co/5aECXq6uUF
1. Sat Sep 18 09:46:40 2021

Nearly generic fuzzing of XML-based formats
1. Nullcon (March 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (November 2015 - CA - video (FR))
2. Hack in Paris (June 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (December 2014 - CZ)
2. ZeroNights (November 2014 - RU - slides)
3. Hacktivity (October 2014 - HU - video)