Agarri : Sécurité informatique offensive

Vulnérabiliés récentes [+]

Adobe Reader : Multiples corruptions lors d'un traitement XSLT (APSB 17-11)
Firefox: Multiples UAF lors d'un traitement XSLT (MFSA 2017-10)
Revive Adserver : Désérialisation PHP arbitraire (REVIVE-SA-2017-001)
Adobe Reader : Multiples corruptions lors d'un traitement XSLT (APSB 17-01)
Firefox : UAF lors d'un traitement XSLT (MFSA 2017-01)

@irsdl @albinowax Yes, it’s one of the core features.
1. Mon Mar 25 16:37:59 2019
RT @albinowax: Turbo Intruder now supports synchronised last-byte delivery, to help you coax out well-hidden race conditions https://t.co/Q…
1. Mon Mar 25 16:36:06 2019
@Sternze I’d say no, if only predefined entities like & work. Furthermore, iirc, SOAP specifications explicitly… https://t.co/eAl9a9Vhw6
1. Mon Mar 25 14:34:38 2019
RT @LiveOverflow: A weird Return-oriented Programming tutorial. https://t.co/Td9a5N1o0h https://t.co/NCLwSuQbVn
1. Sun Mar 24 20:27:36 2019
RT @Securityblog: To all bug bounty hunters! Solve this challenge from @yeswehack https://t.co/jUO6GpR96I One year of Burp pro for you!
1. Sun Mar 24 19:38:02 2019

Nearly generic fuzzing of XML-based formats
1. Nullcon (mars 2017 - Goa - IN - slides - video)
Server-side browsing considered harmful
1. Hackfest (novembre 2015 - CA - video (FR))
2. Hack in Paris (juin 2015 - FR)
3. HackPra Allstars - OWASP AppSec EU (Mai 2015 - NL - slides - video)
Hunting for top bounties
1. OWASP CZ (décembre 2014 - CZ)
2. ZeroNights (novembre 2014 - RU - slides)
3. Hacktivity (octobre 2014 - HU - video)