Agarri : Sécurité informatique offensive

Vulnérabiliés récentes [+]

Adobe Reader : Multiples corruptions lors d'un traitement XSLT (APSB 17-11)
Firefox: Multiples UAF lors d'un traitement XSLT (MFSA 2017-10)
Revive Adserver : Désérialisation PHP arbitraire (REVIVE-SA-2017-001)
Adobe Reader : Multiples corruptions lors d'un traitement XSLT (APSB 17-01)
Firefox : UAF lors d'un traitement XSLT (MFSA 2017-01)

RT @Burp_Suite: Burp Suite Pro/Community 2.1.01 released, with support for WebSockets in Burp Repeater. https://t.co/dYFYSBWGN9
1. Wed Jul 17 05:24:13 2019
RT @GoSecure_Inc: Exploiting XXE with local DTDs has never been easier with this new tool that will find local DTDs for you and generate pa…
1. Wed Jul 17 05:01:21 2019
RT @nnwakelam: I just went back and referenced https://t.co/L8ahczKOEZ again by @Agarri_FR - seriously great slides if you haven’t seen it…
1. Tue Jul 16 09:04:53 2019
RT @alisaesage: Binary exploiters and their brutal pragmatism https://t.co/9k79QqjJLg
1. Sat Jul 13 09:56:06 2019
We had the same vulns in Perl 20 years ago... #PipeInFilename https://t.co/PEsKqXR9j0
1. Fri Jul 12 13:45:34 2019

Nearly generic fuzzing of XML-based formats
1. Nullcon (mars 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (novembre 2015 - CA - video (FR))
2. Hack in Paris (juin 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (Mai 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (décembre 2014 - CZ)
2. ZeroNights (novembre 2014 - RU - slides)
3. Hacktivity (octobre 2014 - HU - video)