Code Fighters

Lab

Na Conviso, nós acreditamos que o conhecimento é mais potente quando é compartilhado. Nosso Code Fighters Lab é composto pelo nosso time de Pesquisa e Desenvolvimento - pesquisadores de Segurança de Informação dedicados a estudar AppSec de forma contínua para trazer informação e desenvolvimento para a comunidade. A cultura de AppSec é um ideal que nos inspira. Nossos profissionais trabalham diariamente com o objetivo de trazer soluções inovadoras para os desafios de appsec - compartilhando suas descobertas e experiências e colaborando com a comunidade.

Explore nossas descobertas recentes

Conviso Code Fighters

Pesquisa, Colaboração e Inovação

Gabriel Quadros
Security Researcher
Ricardo Silva
Security Researcher
Rangel Rosa
Security Engineer
Uilton Lopes
Security Engineer
Gustavo Dutra
Security Researcher
Descobertas Relevantes

Nossos estudos, análises e pesquisas mais populares

Blog img
07/10/2021

CVE: 2021–3311 October CMS Token Reactivation

By
Anisio Santos

Many bounties and many pieces of researches emerge just by looking at the right amount of code at the right path number and them BOOM!

Learn more
Blog img
19/05/2021

A case study on: CVE-2021-22204 – Exiftool RCE

By
Gustavo Dutra

Recently, the researcher wcbowling found a vulnerability in the Exiftool tool, that enabled a malicious actor to perform a Remote code Execution attack.

Learn more
Blog img
10/03/2022

CVE-2022-21831: Overview of the security issues we found in Rails’s image processing API

By
Communication Team

During a security auditing of the Ruby on Rails source and its dependencies, we discovered two ways to exploit ActiveStorage’s image…

Learn more
Blog img
27/12/2021

Why are nonces important on CTR mode ciphers

By
Communication Team

This article: “Why are nonces important on CTR mode ciphers” was written 3 years ago, and is available again on our blog.

Learn more
Blog img
04/11/2021

Bank malware mitigations

By
Communication Team

Malware (Bank malware mitigations) is the name for a program designed to mistreat its users.

Learn more
Blog img
28/10/2021

Veracode API: Getting things done with AWS Lambda and AWS API Gateway

Every day at Conviso both dev and sre teams are working together facing challenges to make Conviso Platform a more complete solution.

By
Daniel Arenas
Learn more