Agarri: Offensive information security

Recently published vulnerabilities [+]

Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-11)
Firefox: Multiple UAF during XSLT processing (MFSA 2017-10)
Revive Adserver: Arbitrary PHP deserialization (REVIVE-SA-2017-001)
Adobe Reader: Multiple memory corruptions during XSLT processing (APSB 17-01)
Firefox: UAF during XSLT processing (MFSA 2017-01)

RT @Burp_Suite: Burp Suite Pro 2.0.21beta is now available. We've fundamentally re-architected the embedded Chromium browser to improve its…
1. Tue May 21 17:36:31 2019
RT @albinowax: Catch 'HTTP Desync Attacks' at #BHUSA/@BlackHatEvents to find out how I used one simple trick* to persistently compromise Pa…
1. Tue May 21 14:35:47 2019
CVE-2019-5514 is a cool RCE in VMware Fusion 11, abusing an unauthenticated REST endpoint running on localhost 😎 https://t.co/1xLO9sip0A
1. Tue May 21 07:27:05 2019
RT @AbyXss: #nsec19 was incredible. Absolute mind blowing experience ! I'll be there for next year for sure. Kudos to @NorthSec_io voluntee…
1. Sun May 19 23:34:33 2019
RT @ylevalle: Congratulations @NorthSec_io on the great 2019 CTF! The creativity of the challenges is amazing (the VR one, the escape room,…
1. Sun May 19 23:33:24 2019

Nearly generic fuzzing of XML-based formats
1. Nullcon (March 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (November 2015 - CA - video (FR))
2. Hack in Paris (June 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (May 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (December 2014 - CZ)
2. ZeroNights (November 2014 - RU - slides)
3. Hacktivity (October 2014 - HU - video)