- Blackshield Awards
- Job Fair
- About Speakers
- Nicolas Grégoire
Founder at AGARRI
Nearly generic fuzzing of XML-based formats
This research project has two goals:
- Fuzzing the exact same XSLT targets than in 2012, but with a modern toolbox
- Generalize the bug-finding processes and tools to any other XML-based format. In the process, a new tool exclusively designed to mutate XML documents was developed.
Nicolas Gregoire has more than 15 years of experience in penetration testing and auditing of networks and (mostly Web) applications. A few years ago, he founded Agarri, a small company where he seeks security bugs for customers and for fun. His research has been presented at numerous conferences around the world and he has been publicly thanked by numerous vendors for responsibly disclosing vulnerabilities in their products. He occasionally participates in bug bounties, and earned the highest rewards from Prezi (twice) and Yahoo. He’s also a long-time user of Burp Suite and an official PortSwigger training partner.