@Petitoto
Arnaud (@Petitoto) is a French student with a long-standing interest in cybersecurity.
Currently interning at POST Luxembourg, he focuses on browser exploitation and vulnerability research from an offensive perspective.
Session
Modern web browsers are hardened and complex, yet remain high-value targets for attackers. While 0-day research dominates the headlines, building real-world, reliable exploits often involves chaining multiple vulnerabilities. Even when based on n-days, these exploit chains can offer a fast path to initial access during offensive engagements.
From patch diffing to modern mitigations bypass, this talk explores practical techniques for browser exploit development under real-world constraints. It introduces new methods and tools through the demonstration of an exploit chain leveraging three n-day vulnerabilities targeting recent versions of Google Chrome.