AENIMA September 17, 1996

We're here as sponsors of #BSidesSF! Come find us to chat about career opportunities, your next AppSec project or just for some fresh new swag!

The latest coordinated disclosure from our researchers (Norbert Szetei 73696e65 & Viktor Chuchurski Viktor Chuchurski) details a SQLi and DoS via Prototype Pollution in #TypeORM! Time to update! More details: doyensec.com/research.html#… #doyensec #TypeScript #Electron #NodeJS #appsec

Announcing the release of `safeurl` - a library to help #golang devs "Build with Security"! This module provides tested & versatile protection against Server Side Request Forgery (SSRF)! Hurry and check it out! #doyensec #AppSec blog.doyensec.com/2022/12/13/saf… github.com/doyensec/safeu…

📚 tl;dr sec 163 With great work from: Nicolas Fränkel 🇺🇦🇬🇪, Rory McCune, Doyensec, Viktor Chuchurski, @includesecurity, @8x5clPW2, Seth Art, Luke Tucker, Mikail Tunç, Mihai Parparita, Tailscale, veritas, Simon Willison, Mike Privette, ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ 🛡️ and more! tldrsec.com/blog/tldr-sec-…

While crypto wallets are constantly improving, there is still more to be done. The post describes a potential wallet enhancement, which will provide users access to necessary information about the Dapp they’re using, helping them more easily weed out scam attempts.

New advisory! Viktor Chuchurski provides details on a CSRF protection bypass he discovered in Sveltekit. Ensure your apps are up-to-date. #doyensec #appsec #javascript #DevSecOps doyensec.com/resources/Doye…

💳 The case for improving crypto wallet security Research from Viktor Chuchurski on phishing scams targeting crypto wallets and how their security can be improved 🧰 Check their PoC, a service to collect information on ETH Dapps: github.com/doyensec/walle… blog.doyensec.com//2023/03/28/wa…

stop by and say hi!

Let's welcome Viktor Chuchurski in our lineup with his talk "A Race to the Bottom - Database Transactions Undermining Your AppSec". Congrats!

Don’t miss Viktor Chuchurski’s talk at #OWASP Global Appsec.

Stop by and learn how to escape client-side path traversals to CSRF. Maxence SCHMITT Doyensec #owasp #appsec

if your making heavy use of database transactions in your system, make sure that you properly handle concurrency control. head over to out blog and read about the details on how transactions are processed and what issues can arise in the worst case scenarios!

We're proud our testing helps ensure the security of Thinkst Canary's OSS Canary Tokens! As part of their transparency efforts, you can read the results of our latest round of testing here: doyensec.com/resources/Doye… #doyensec #appsec #security #thinkst

↓ A Race to the Bottom How inadequate concurrency control in databases can lead to race condition bugs OWASP® Foundation AppSec Lisbon talk by @doyensec's Viktor Chuchurski 🛠️ Vulnerable Go app github.com/doyensec/db-ra… 📖 Slides doyensec.com/resources/Glob… +Semgrep rules blog.doyensec.com/2024/07/11/dat…

Make sure to catch Viktor Chuchurski's presentation at No Hat this weekend! It's 11:45 in the "Technical track" : 🏁A Race to the Bottom🏁: Database Transactions Undermining Your AppSec #doyensec #appsec #DataSecurity #nohat

Just how I like it

.@KFC follows 11 people. Those 11 people? 5 Spice Girls and 6 guys named Herb. 11 Herbs & Spices. I need time to process this.

Let's rock&roll #GoogleUdacityScholars