Aethlios
Bug Hunter - Pokédex
Reset Tolkien
Last contents
- 9 nov. 2024 - [Slide FR] Speaker - Unlock your brain 2024 - Insecure time-based secret in web applications and Sandwich Attack exploitation
- 18 jul. 2024 - [EN] [FR] Article - Multi-sandwich attack with MongoDB Object ID or the scenario for real-time monitoring of web application invitations
- 29 mar. 2024 - [EN] [FR] Article - Unsecure time-based secret and Sandwich Attack - Analysis of my research and release of the “Reset Tolkien” tool
- 2 dec. 2022 - [Video] [Slide FR] Speaker - JSecIn 2022 - A hodgepodge of bug bounty with a touch of code review
- 26 avr. 2022 - [EN] [FR] Article - Privileged account creation via Mass Assignment towards a full compromise using a Stored XSS
- 6 oct. 2021 - [EN] [FR] Article - Stored XSS in the administrator’s panel due to misuse of MarkupSafe