Klaudia Kloc
CEO & Co-Founder of Vidoc Security Lab
She is an ethical hacker that turned founder, with a strong background in offensive security and real-world system exploitation. After years of identifying vulnerabilities in complex infrastructures, she recognized a growing gap between the speed of modern development and the ability to secure it. She has been recognized as a Forbes 30 Under 30 honoree, named among the Top 100 Women in Engineering, and featured in leading global media including Bloomberg, The Washington Post, CNBC, and Forbes.
Articles by Klaudia Kloc
7 articles published
October 24, 2025 (5mo ago)
How we helped make Lovable more secure
A technical deep-dive into exploiting Firebase Auth emulator configuration via cookie injection, mixed-content bypasses, and subdomain trust boundaries - and how VIDOC helped Lovable secure their platform.
October 22, 2025 (5mo ago)
Detecting complex vulnerabilities in real-world code: LLM benchmark for enhanced software security
Traditional SAST tools often miss complex business logic flaws, but can LLMs fill the gap? Research publication by Klaudia Kloc and Dawid Moczadło introduces a real-world benchmark to evaluate AI effectiveness in identifying vulnerabilities that standard tools overlook.
March 27, 2025 (1y ago)
Fake Engineer - Advanced Deepfake Fraud and How to Detect It
The candidate applied for an open backend position at our company Vidoc Security Lab. He had a decent CV and LinkedIn profile but used a deepfake during the coding interview, pretending to be a different person. This incident could be linked to a North Korean hacker group that has used this trick with many other companies.
September 27, 2023 (2y ago)
Vidoc Secures Funding from bValue!
Vidoc Security Lab has secured an investment from bValue, a leading player in the world of venture capital and technology innovation
May 9, 2023 (2y ago)
Ultimate 401 and 403 bypass methods
As a security researcher, I absolutely love the rush of discovering a suspicious endpoint during reconnaissance (which is super easy with VIDOC tool ;). It's exciting to think that you might have stumbled upon something important. However, that excitement can quickly turn into frustration when you're met with a 401 or 403 HTTP response code. Trust me, I've been there. But, over time, I've learned that there are ways to work around these error codes. I want to share some practical tips and techniques that I learned doing research, along with links to modules you can run in Vidoc Research to try to bypass 401 and 403.
February 6, 2023 (3y ago)
How we made $120k bug bounty in a year with good automation
2022 was very busy for several reasons, today we want to present to you what we did and learned doing large-scale bug bounty hunting
November 3, 2022 (3y ago)
Why good Recon is hard, and how we make it easy
What sucks the most about doing recon? It all started with that one tweet ;) Inspired by Greg's post we decided to write a summary of common problems with Recon and why Vidoc Research - our tool for security researchers - solves them all.