Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Apr 19, 2017
This research project has two goals:
Fuzzing the exact same XSLT targets than in 2012, but with a modern toolbox Generalize the bug-finding processes and tools to any other XML-based format. In the process, a new tool exclusively designed to mutate XML documents was developed.
Speaker Bio Nicolas Gregoire has more than 15 years of experience in penetration testing and auditing of networks and (mostly Web) applications. A few years ago, he founded Agarri, a small company where he seeks security bugs for customers and for fun. His research has been presented at numerous conferences around the world and he has been publicly thanked by numerous vendors for responsibly disclosing vulnerabilities in their products. He occasionally participates in bug bounties, and earned the highest rewards from Prezi (twice) and Yahoo. He’s also a long-time user of Burp Suite and an official PortSwigger training partner.