The leaked Claude Code source shows meaningful controls around the agent itself, but far less built-in security judgment around the software it writes.
A technical deep-dive into exploiting Firebase Auth emulator configuration via cookie injection, mixed-content bypasses, and subdomain trust boundaries - and how VIDOC helped Lovable secure their platform.
Traditional SAST tools often miss complex business logic flaws, but can LLMs fill the gap? Research publication by Klaudia Kloc and Dawid Moczadło introduces a real-world benchmark to evaluate AI effectiveness in identifying vulnerabilities that standard tools overlook.
AI-generated code ships fast but introduces predictable security holes: plain-text password storage, missing auth on new endpoints, SQLi from unsanitized inputs, and hallucinated packages (slopsquatting). Here's what to check and how to fix each one.
Large language models can now reliably spot real-world zero-day vulnerabilities through brute-force iteration. We explain how it works, what it means for red teams, and why defenders should be paying close attention.
The candidate applied for an open backend position at our company Vidoc Security Lab. He had a decent CV and LinkedIn profile but used a deepfake during the coding interview, pretending to be a different person. This incident could be linked to a North Korean hacker group that has used this trick with many other companies.
Part 2 of our Python API security guide: implementing JWT auth correctly, rate limiting to prevent abuse, input validation against injection attacks, and the most common vulnerabilities in Django and FastAPI endpoints.
Third-party packages are the most exploited attack vector in modern web apps. This guide covers how SCA tools work, what dependency scanning misses in AI-accelerated development, and how to integrate it into your CI/CD pipeline.
A practical guide to prototype pollution: how pollution sources reach gadgets, how to test with ?__proto__[key]=value and constructor.prototype, and how real-world CVEs have been exploited in the wild.
Beginner's guide to this common security misconfiguration. Here you'll find the steps to quickly spot and exploit CORS vulnerabilities out in the wild. Shall we start?
SAST tools overlook more than 85% of CVEs in real-world scenarios. Outdated security automation can't keep pace with rapid code development. There is the hidden cost of security automation - validating false positives.
AI tools like Copilot and Cursor frequently hardcode secrets and commit .env files by accident. This guide covers secrets detection, vault setup, CI/CD scanning, and how to audit AI-generated code for credential leaks.
Most API security guides cover the obvious. This one focuses on the checks that get skipped under deadline pressure: broken object-level auth, mass assignment, unauthenticated endpoints added during refactors, and more. With code examples.
Distinguishing between SAST & DAST is crucial for any robust security strategy. Adopting a unified approach, by leveraging both scans, ensures that your software remains secure during its lifecycle, effectively mitigating potential risks and vulnerabilities in today's fast-paced digital environment.
AI pentesting and automated pentesting solve different problems. We compare both approaches — capabilities, tooling, costs, and when to use each — so you can make the right call for your security program.
Beginner's guide to Reflected XSS. Everyone talks about the different XSS cheatsheets, and then you are supposed to try them one by one to see if any of the payloads get executed on your target. We don't like that. It's time-consuming and a mindless task.
The impact of an AWS S3 Bucket Takeover can range from none, through account takeover, and even up to RCE. In this article, we'll tell you how to find it and maximize its impact.
Next.js 14 Server Actions look like magic but expose auth bypass and data leak vectors that traditional scanners miss entirely. We break down the risks and why the experimental Taint API isn't enough on its own.
Security implications of DEBUG=true in Django: learnings from an ethical hacker's perspective.
Vidoc Security Lab has secured an investment from bValue, a leading player in the world of venture capital and technology innovation.
As a security researcher, I absolutely love the rush of discovering a suspicious endpoint during reconnaissance (which is super easy with VIDOC tool ;). It's exciting to think that you might have stumbled upon something important. However, that excitement can quickly turn into frustration when you're met with a 401 or 403 HTTP response code. Trust me, I've been there. But, over time, I've learned that there are ways to work around these error codes. I want to share some practical tips and techniques that I learned doing research, along with links to modules you can run in Vidoc Research to try to bypass 401 and 403.
2022 was very busy for several reasons. Today we want to present what we did and learned doing large-scale bug bounty hunting.
What sucks the most about doing recon? It all started with that one tweet ;) Inspired by Greg's post we decided to write a summary of common problems with Recon and why Vidoc Research - our tool for security researchers - solves them all.
We have reported more than 60 instances of this bug across a wide range of bug bounty programs including companies like Paypal, Atlassian, Microsoft, GitLab, Yahoo, ...