Every day at Conviso, both the dev and SRE teams are working together, facing challenges to make Conviso Platform a more complete…
Let’s talk about October CMS Token Reactivation. Don’t get me wrong, but I believe that ‘luck’ many times is really a thing in…
JWT (JSON Web Tokens) is an open standard, documented by RFC 7519, that defines how to transmit and store JSON objects in a simple, compact…
Have you ever wanted to search something from the MITRE database but didn’t really want to leave your Slack conversation? Is a group…
In order to enable communication between different platforms, the use of APIs (Application Programming Interfaces) is becoming increasingly…
A crucial element for the Red Team’s task is having stealth to perform the attack, success in the ability to expose an aggressive mindset…
As GraphQL is the star of this publication, we need to contextualize a little about it.
Since the beginning of the year in my trajectory in the Pentest as a Service (PTaaS) team at Conviso, I have been following the operations…
Recently, the researcher wcbowling[1] found a vulnerability in the ExifTool tool that enabled a malicious actor to perform a Remote code…