Security writeups from researchers for researchers

We scan, we hack, we write about it. New interesting vulnerabilities, attack techniques, tools and bug bounty tips.

Log in Subscribe

Home
About

API Security: Best Practices for Python Developers - Part II

API Security: Best Practices for Python Developers - Part II

Part II of the Developer’s Guide for a secure API implementation. Devs are the core of web applications, that's why you should continue learning how to prevent common attacks and secure your endpoints correctly. Avoid deploying vulnerable code by taking into account these Security Best Practices.

Oriana Olivetti

11 Jun 2024 · 7 min read

Why Dependency Security Is Your First Line of Defense Against Cyber Threats

Why Dependency Security Is Your First Line of Defense Against Cyber Threats

Explore the technical essentials of Software Composition Analysis (SCA) and dependency scanning, crucial tools for securing software against cyber threats in AI-driven development environments.

Oriana Olivetti

29 May 2024 · 3 min read

Beginner’s Guide to Client Prototype Pollution vulnerabilities

Beginner’s Guide to Client Prototype Pollution vulnerabilities

The perfect introduction for those wanting to understand Prototype Pollution vulnerabilities and exploits. Because not everyone knows how Objects in JavaScript work, but we are about to change that! Are you up for the challenge?

Oriana Olivetti

15 May 2024 · 5 min read

Pentesting Cross-Origin Resource Sharing (CORS) vulnerabilities

Pentesting Cross-Origin Resource Sharing (CORS) vulnerabilities

Beginners guide to this common security misconfiguration. Here you'll find the steps to quickly spot and exploit CORS vulnerabilities out in the wild. Shall we start?

Oriana Olivetti

30 Apr 2024 · 4 min read

State of Security Automation

State of Security Automation

SAST tools overlook more than 85% of CVEs in real-world scenarios. Outdated security automation can't keep pace with rapid code development. There is the hidden cost of security automation - validating false positives.

Dawid Moczadło

9 Apr 2024 · 3 min read

The Developer's Guide to Effective Secrets Management

The Developer's Guide to Effective Secrets Management

Discover how to safeguard your applications with effective secrets management. Learn about the challenges of secrets detection and how Vidoc Security Lab's AI Security Engineer can revolutionize your security measures against AI-generated code threats.

Oriana Olivetti

2 Apr 2024 · 3 min read

© 2024 Vidoc Security Lab - blog. All rights reserved.