At Conviso, we believe that knowledge is more potent when it’s shared. Our Code Fighters Lab is composed by our Research and Development Team – Information Security Analysts dedicated to continuously studying Application Security, striving to promote relevant information for the AppSec community.
We are truly inspired by the ideal of AppSec as a culture. That’s why our professionals work daily to find new, innovative solutions to security challenges – to then share their findings and collaborate with the community.
Conviso Code Fighters
Researching, Sharing, and Innovating
Our most popular studies, findings, and analysis
Many bounties and many pieces of researches emerge just by looking at the right amount of code at the right path number and them BOOM!
Recently, the researcher wcbowling found a vulnerability in the Exiftool tool, that enabled a malicious actor to perform a Remote code Execution attack.
During a security auditing of the Ruby on Rails source and its dependencies, we discovered two ways to exploit ActiveStorage’s image…
This article: “Why are nonces important on CTR mode ciphers” was written 3 years ago, and is available again on our blog.
Malware (Bank malware mitigations) is the name for a program designed to mistreat its users.
Every day at Conviso both dev and sre teams are working together facing challenges to make Conviso Platform a more complete solution.