JWT (JSON WEB Tokens) is an open standard, documented by RFC-7519, that defines how to transmit and store JSON objects in a simple, compact…
Have you ever wanted to search something from the Mitre database but didn’t really wanted to leave your Slack conversation? Is a group…
In order to enable communication between different platforms, the use of APIs (Application Programming Interface) is becoming increasingly…
A crucial element for the Red Team’s task is having stealth to perform the attack, success in the ability to expose an aggressive mindset…
As GraphQL is the star of this publication, we need to contextualize a little about it.
You can also listen to the audio version of this…
Since the beginning of the year in my trajectory in the Pentest as a Service (PTaaS) team at Conviso, I have been following the operations…
Recently, the researcher wcbowling[1] found a vulnerability in the Exiftool tool, that enabled a malicious actor to perform a Remote code…