Doyensec

??The latest edition of !exploitable is here! We're sharing all the joy that comes with exploiting an arbitrary file write in GitLab, while cruising the Mediterranean. ?? Everything from onerous configurations to spotty internet! Enjoy! #doyensec #appsec #security https://lnkd.in/gMZYQY64

We're looking for a promising intern in the US or EU to join our team this summer! Sharpen your skills and develop new ones alongside the best, while performing real-world testing and application security research. Learn more today at https://lnkd.in/gxYSHt5F ! #doyensec #appsec #security #internship

Join us in welcoming Michael J. Pastor back to the team! They're returning to #Doyensec following their internship! We pride ourselves on the fact that all of our past interns have transitioned into an Application Security Engineer position with us. #appsec #security #internship

Knock, knock, everyone. ?? Want to see how far the rabbit hole goes? Check out our latest blog post where we walk you through exploiting one of the most famous vulnerabilities ever - while on a cruise! ??? https://lnkd.in/gkjh_2ds #doyensec #appsec #security

We're looking for a promising intern in the US or EU to join our team this summer! Sharpen your skills and develop new ones alongside the best, while performing real-world testing and application security research. Learn more today at https://lnkd.in/gxYSHt5F ! #doyensec #appsec #security #internship

Ahoy! ?? The first post in our "!exploitable" series provides a technical dive ?? into the sea of IoT exploitation. Read it today to learn how our team ???? developed an exploit while floating in the Mediterranean! ?? https://lnkd.in/gxgcUPmT #doyensec #appsec #security #iot #exploits

?? PESD v2.0 is now in the BApp store! Effortlessly generate dynamic sequence diagrams directly from #BurpSuite traffic! This is such a great tool for anyone wanting to understand and/or communicate application request/response flows in apps! Plus, now you can also create your own theme, conveniently edit the generated diagrams with MD syntax and much more! Install it today! ?? #doyensec #appsec #security

?? Join us in welcoming Alessandro Versari to the #Doyensec team! ??

While exploring various OAuth attack write-ups, I noticed two key things: 1?? These vulnerabilities are still very common. 2?? Due to OAuth’s complexity, some attack vectors keep resurfacing every few years. To help tackle these challenges, -José Catalán Tatay- and I created a comprehensive guide on OAuth flows and the attacks targeting them. We also put together a cheat sheet—a practical resource for developers and security engineers to systematically verify their OAuth implementations and configurations. Check it out here! ?? Blogpost: https://lnkd.in/dGBQcKv5 ??Cheat Sheet: https://lnkd.in/dswBNBup

Despite being central to their security, many organizations struggle to securely implement #OAuth. Our new blog post walks through common issues and how to prevent them, along with providing a useful checklist! Read it today to ensure your org is secure: https://lnkd.in/ghbKkAXj #doyensec #security #appsec #dev #app #web