All decks Close
All decks 4

  • GreHack 2024 | Playing with HTML parsing to bypass DOMPurify on default configuration

    Oct 30, 2024 1,070 7

  • DOMLogger++ | BreizhCTF2024

    May 15, 2024 421 1

  • SSTIC 2023 | Abusing Client-Side Desync on Werkzeug | CVE-2022-29361

    May 18, 2023 1,420 2

  • Electron Security | CVE-2022-3133

    I gave this talk for the following conferences: ESAIP Cyber (26/10/2022) | <a href="https://www.root-me.org/">Root Me</a> (13/12/2022)

    Oct 22, 2022 2,638 0