Enguerran Gillier

Here are my slides from my talk at the Facebook/Google-hosted BountyCon 2019 in Singapore earlier this year: Live Hacking like a MVH – A walkthrough on methodology and strategies to win bighttps://speakerdeck.com/fransrosen/live-hacking-like-a-mvh-a-walkthrough-on-methodology-and-strategies-to-win-big …

CTF-players wanted! See https://github.com/offensi/CTF-challenge … for details. This CTF challenge is an attempt to unite the skills of bounty hunters and CTF-players. Inspired by @the_st0rm and @sirdarckcat #CTF #ctfplayer

Full post-mortem & remediation details of the Apr 11th http://matrix.org  infra security breach are up at https://matrix.org/blog/2019/05/08/post-mortem-and-remediations-for-apr-11-security-incident/ …. The post gives the steps we are taking to avoid future incidents & should help others learn too. Apologies again to everyone who was impacted.

Security update: We just shipped Sydent 1.0.3 & Synapse 0.99.3.1 to address bugs very kindly reported by @opnsec, @Julien_Thomas & @fs0c131y. Please check your Riot/Android is updated too. Seems https://matrix.org/security-disclosure-policy/ … is a great way to find security bugs!https://matrix.org/blog/2019/05/03/security-updates-sydent-1-0-3-synapse-0-99-3-1-and-riot-android-0-9-0-0-8-99-0-8-2-b/ …

#Authentication Platform #Passwordless Technology - Sign Up for free for the beta https://www.cryptr.co  - Cryptr allows administrators and application #developers to have a plug and play authentication solution with a panel of comprehensive services to manage user access.

Recordings are out of "Move Fast and Secure Things (with Static Analysis)" - https://youtu.be/Vj0QVRaw8A4  Would love to know your feedback :)

This is a fantastic read $15 000 за ошибку. Как минский программист ушёл с работы в топ-5 багхантеров Facebook и топ-20 Google (+Гайд, как зарабатывать на багах)https://dev.by/news/15-tysyach-dollarov-za-oshibku …

Facebook awarded a $10000 bounty for an DoS which I found in their TLS implementation. We (@Semmle) asked them to donate it to @TechtonicaOrg. Also @Semmle is making a matching donation to @communityserv.https://lgtm.com/blog/facebook_fizz_CVE-2019-3560 …

Did a Write up of Vimeo SSRF , It was an interesting one. RT if you like it.https://medium.com/@rootxharsh_90844/vimeo-ssrf-with-code-execution-potential-68c774ba7c1e …