Every day at Conviso both dev and sre teams are working together facing challenges to makeConviso Platforma more complete…
Let’s talk about October CMS Token Reactivation. Don’t get me wrong, but I believe that ‘luck’ many times is really a thing in…
JWT (JSON WEB Tokens) is an open standard, documented by RFC-7519, that defines how to transmit and store JSON objects in a simple, compact…
Have you ever wanted to search something from the Mitre database but didn’t really wanted to leave your Slack conversation? Is a group…
In order to enable communication between different platforms, the use of APIs (Application Programming Interface) is becoming increasingly…
A crucial element for the Red Team’s task is having stealth to perform the attack, success in the ability to expose an aggressive mindset…
As GraphQL is the star of this publication, we need to contextualize a little about it.
is a query-based language with a focus on APIs…
Since the beginning of the year in my trajectory in the Pentest as a Service (PTaaS) team at Conviso, I have been following the operations…
Recently, the researcher wcbowling[1] found a vulnerability in the Exiftool tool, that enabled a malicious actor to perform a Remote code…