Agarri: Offensive information security

Recently published vulnerabilities [+]

Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
Firefox: UAF during XSLT processing (MFSA 2017-01)

RT @rnmx123: @Agarri_FR Hey Nico 👋 this is one of the rare examples where everybody is happy except the instructor :D feedback says you did…
1. Sun Nov 10 18:24:33 2019
RT @find_evil: This is what some men really think. Imagine being a woman and seeing these comments on the super cool Wired video of a (high…
1. Sat Nov 09 12:50:10 2019
SLK, the format which keeps giving (my first MS Office memory corruption bug was using SLK too) https://t.co/OeKweTa5CE
1. Fri Nov 08 22:16:54 2019
RT @Agarri_FR: @sanjogpanda For targets using JS for navigation, v1 was better than v2.1.04, but v2.1.05 looks promising. For JS-less targe…
1. Thu Nov 07 19:28:04 2019
@sanjogpanda For targets using JS for navigation, v1 was better than v2.1.04, but v2.1.05 looks promising. For JS-l… https://t.co/lHm1Y69mLk
1. Thu Nov 07 19:24:26 2019

Nearly generic fuzzing of XML-based formats
1. Nullcon (March 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (November 2015 - CA - video (FR))
2. Hack in Paris (June 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (December 2014 - CZ)
2. ZeroNights (November 2014 - RU - slides)
3. Hacktivity (October 2014 - HU - video)