home.social

#doyensec — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #doyensec, aggregated by home.social.

  1. Proud to share that @doyensec was trusted by Anthropic as one of the security partners validating #Mythos findings as part of Project #Glasswing!

    Contact us today to see how our research-driven approach shapes the future of #appsec!

    anthropic.com/research/glasswi

    #doyensec #security #ai #claude #claudecode #claudemythos #anthropic

  2. Proud to share that @doyensec was trusted by Anthropic as one of the security partners validating #Mythos findings as part of Project #Glasswing!

    Contact us today to see how our research-driven approach shapes the future of #appsec!

    anthropic.com/research/glasswi

    #doyensec #security #ai #claude #claudecode #claudemythos #anthropic

  3. Proud to share that @doyensec was trusted by Anthropic as one of the security partners validating #Mythos findings as part of Project #Glasswing!

    Contact us today to see how our research-driven approach shapes the future of #appsec!

    anthropic.com/research/glasswi

    #doyensec #security #ai #claude #claudecode #claudemythos #anthropic

  4. Proud to share that @doyensec was trusted by Anthropic as one of the security partners validating #Mythos findings as part of Project #Glasswing!

    Contact us today to see how our research-driven approach shapes the future of #appsec!

    anthropic.com/research/glasswi

    #doyensec #security #ai #claude #claudecode #claudemythos #anthropic

  5. Proud to share that @doyensec was trusted by Anthropic as one of the security partners validating #Mythos findings as part of Project #Glasswing!

    Contact us today to see how our research-driven approach shapes the future of #appsec!

    anthropic.com/research/glasswi

    #doyensec #security #ai #claude #claudecode #claudemythos #anthropic

  6. New #CloudSecTidbits explores how misconfigured AWS ELBs can silently break security boundaries through rule shadowing, CloudFront/WAF bypasses, and alternate routing paths.

    We’re also releasing ELBaph — a new read-only tool to map ELB routing graphs, detect exposed paths, and surface real-world attack chains across ALBs/NLBs.

    blog.doyensec.com/2026/05/25/c

    #AppSec #Doyensec #AWS #CloudSecurity #AppSec #SecurityResearch

  7. New #CloudSecTidbits explores how misconfigured AWS ELBs can silently break security boundaries through rule shadowing, CloudFront/WAF bypasses, and alternate routing paths.

    We’re also releasing ELBaph — a new read-only tool to map ELB routing graphs, detect exposed paths, and surface real-world attack chains across ALBs/NLBs.

    blog.doyensec.com/2026/05/25/c

    #AppSec #Doyensec #AWS #CloudSecurity #AppSec #SecurityResearch

  8. While we're happy for our prize and that our exploit targeting OpenAI's Codex in the Coding Agent category was successful at #PWN2OWN, this was a collision💥 as the bug was previously known to the vendor. Back to the research! #P2OBerlin

    #doyensec #appsec #security #ai #openai

  9. While we're happy for our prize and that our exploit targeting OpenAI's Codex in the Coding Agent category was successful at #PWN2OWN, this was a collision💥 as the bug was previously known to the vendor. Back to the research! #P2OBerlin

    #doyensec #appsec #security #ai #openai

  10. While we're happy for our prize and that our exploit targeting OpenAI's Codex in the Coding Agent category was successful at #PWN2OWN, this was a collision💥 as the bug was previously known to the vendor. Back to the research! #P2OBerlin

    #doyensec #appsec #security #ai #openai

  11. While we're happy for our prize and that our exploit targeting OpenAI's Codex in the Coding Agent category was successful at #PWN2OWN, this was a collision💥 as the bug was previously known to the vendor. Back to the research! #P2OBerlin

    #doyensec #appsec #security #ai #openai

  12. While we're happy for our prize and that our exploit targeting OpenAI's Codex in the Coding Agent category was successful at #PWN2OWN, this was a collision💥 as the bug was previously known to the vendor. Back to the research! #P2OBerlin

    #doyensec #appsec #security #ai #openai

  13. If you're attending #PWN2OWN, be sure to watch Doyensec's Leonardo Giovannini demonstrate his #OpenAI Codex 0day exploit live Thursday, May 14 at 15:30.

    If you can't make it in person, keep an eye on blog.doyensec.com/ for more great #ai security research like this - coming very soon!

    See the PWN2OWN schedule here: zerodayinitiative.com/blog/202

    #appsec #doyensec #ai #0day #exploit

  14. If you're attending #PWN2OWN, be sure to watch Doyensec's Leonardo Giovannini demonstrate his #OpenAI Codex 0day exploit live Thursday, May 14 at 15:30.

    If you can't make it in person, keep an eye on blog.doyensec.com/ for more great #ai security research like this - coming very soon!

    See the PWN2OWN schedule here: zerodayinitiative.com/blog/202

    #appsec #doyensec #ai #0day #exploit

  15. If you're attending #PWN2OWN, be sure to watch Doyensec's Leonardo Giovannini demonstrate his #OpenAI Codex 0day exploit live Thursday, May 14 at 15:30.

    If you can't make it in person, keep an eye on blog.doyensec.com/ for more great #ai security research like this - coming very soon!

    See the PWN2OWN schedule here: zerodayinitiative.com/blog/202

    #appsec #doyensec #ai #0day #exploit

  16. If you're attending #PWN2OWN, be sure to watch Doyensec's Leonardo Giovannini demonstrate his #OpenAI Codex 0day exploit live Thursday, May 14 at 15:30.

    If you can't make it in person, keep an eye on blog.doyensec.com/ for more great #ai security research like this - coming very soon!

    See the PWN2OWN schedule here: zerodayinitiative.com/blog/202

    #appsec #doyensec #ai #0day #exploit

  17. If you're attending #PWN2OWN, be sure to watch Doyensec's Leonardo Giovannini demonstrate his #OpenAI Codex 0day exploit live Thursday, May 14 at 15:30.

    If you can't make it in person, keep an eye on blog.doyensec.com/ for more great #ai security research like this - coming very soon!

    See the PWN2OWN schedule here: zerodayinitiative.com/blog/202

    #appsec #doyensec #ai #0day #exploit

  18. Proud to share that #Doyensec has 3 unpatched 0day submissions for this year's #PWN2OWN - one for each #AI Coding Agent category target & our OpenAI Codex exploit was selected for the competition! The other vulnerabilities have been reported to the other vendors.

    #security

  19. Read how #Doyensec went beyond the basic #AI & web testing to reshape how our client thinks about risks and how we enabled them to evaluate a previously unknown attack surface. It’s amazing when our passion for #appsec has such a big impact!

    #security

    unit21.ai/blog/risk-decisions-

  20. A great day 1 at DEVWorld Amsterdam is in the books! If you're attending on Friday, stop by our booth and let's talk about how Doyensec can help your team Build With Security!

    #doyensec #appsec #security #devworld #devworldconference

  21. A great day 1 at DEVWorld Amsterdam is in the books! If you're attending on Friday, stop by our booth and let's talk about how Doyensec can help your team Build With Security!

    #doyensec #appsec #security #devworld #devworldconference

  22. Our CloudSecTidbits series is back with a bang! In the latest edition, we're releasing maSSO - A weaponized Identity Provider (IdP) for security testing! Read all about it and the dangers of Multi-SSO AWS Cognito User Pools.

    #doyensec #appsec #security

    blog.doyensec.com/2026/05/05/c

  23. Join #Doyensec at #DEFCON Singapore 🇸🇬 - Demo Labs!

    Our Mohamed Ouad and Francesco Lacerenza present CloudSec Tidbits: Breaking “Secure-Looking” Cloud Architectures

    See real-world cloud/AppSec bugs & labs

    Details - defcon.org/html/defcon-singapo

    🗓 Tue 14:00 | Wed 12:00 | Thu 13:00

    #cloudsec #appsec #security

  24. Join #Doyensec at #DEFCON Singapore 🇸🇬 - Demo Labs!

    Our Mohamed Ouad and Francesco Lacerenza present CloudSec Tidbits: Breaking “Secure-Looking” Cloud Architectures

    See real-world cloud/AppSec bugs & labs

    Details - defcon.org/html/defcon-singapo

    🗓 Tue 14:00 | Wed 12:00 | Thu 13:00

    #cloudsec #appsec #security

  25. In our @Adenkiewicz 's latest post, see how combining AFL++ with GPT-5 Codex sped up triaging the results from fuzzing NASA’s CFITSIO library and uncovered numerous vulnerabilities.

    blog.doyensec.com/2026/04/20/c

    #doyensec #appsec #security #fuzzing

  26. In our @Adenkiewicz 's latest post, see how combining AFL++ with GPT-5 Codex sped up triaging the results from fuzzing NASA’s CFITSIO library and uncovered numerous vulnerabilities.

    blog.doyensec.com/2026/04/20/c

    #doyensec #appsec #security #fuzzing

  27. 🥳Doyensec is proud to announce our sponsorship of the UC Davis Cyber Security Club! 💻🔐

    We're committed to supporting the next generation of #cybersecurity talent 📚🧗

    daviscybersec.org/sponsors/

    #appsec #doyensec #infosec #ucdavis

  28. 🥳Doyensec is proud to announce our sponsorship of the UC Davis Cyber Security Club! 💻🔐

    We're committed to supporting the next generation of #cybersecurity talent 📚🧗

    daviscybersec.org/sponsors/

    #appsec #doyensec #infosec #ucdavis

  29. In our latest blog post, Szymon Drosdzol provides an in-depth walkthrough of using the #frida toolkit to demonstrate the right way to intercept OkHTTP traffic. This is essential knowledge for #android security research!

    Check it out today: blog.doyensec.com/2026/01/22/f

    #appsec #doyensec #security

  30. In the second post on Eval Villain, [email protected] walks through the quick & easy setup and its configuration. Check it out & start finding those client-side vulnerabilities today!

    youtu.be/-hIA5uLNFck

    Download it today: github.com/swoops/eval_villain

    #appsec #doyensec #security

  31. 🥂🤖 A toast to 9 years of #Doyensec!

    Nine years of pushing application security forward, breaking things so others don’t, & helping teams build with security from day one. 🍸

    Cheers to the bugs we’ve found, the apps we’ve strengthened, & the many secure years still to come. 🎉

  32. We’re excited to share the first video in our Eval Villain series from @bemodtwz

    This powerful security tool is designed to uncover client-side vulnerabilities and help defenders spot risky patterns.

    youtu.be/2dUoOyYKkzU

    #doyensec #appsec #security #evalvillain #xss

  33. 🚨 Just released - details on a serious vulnerability from our Leonardo Giovannini's research. An information disclosure within error messages allowing a remote attacker to identify security tokens/credentials when #squid is used. Perfect for SSRF!🚨

    #doyensec #appsec #security #vulnerability

    github.com/squid-cache/squid/s

  34. In our final ksmbd research post, @sine provides a detailed walkthrough for exploiting a local privilege escalation vulnerability. If you're interested in learning more about exploitation on modern systems - check it out!

    blog.doyensec.com/2025/10/08/k

    #doyensec #appsec #security

  35. 🧞Your wish has been granted - the latest @PagedOut edition is out! In it, our Szymon Drosdzol takes a quick look at #vibecoding, walking through the creation of an AI agent🤖. Check it out today!

    #doyensec #appsec #ai #Security

    pagedout.institute/

  36. 📢 It's here! Part two of Norbert Szetei's (@sine) research into ksmbd. See how customized fuzzing & selecting the right sanitizers led to discovering 23 Linux kernel CVEs, including use-after-frees & out-of-bounds reads/writes.

    blog.doyensec.com/2025/09/02/k
    #doyensec #appsec #security #fuzzing

  37. Are you located in the US/EU? Passionate about #appsec? Maybe you follow #bugbountytips or are an avid #ctf player and are ready to take the next step. If so, we're looking for our next #intern, so consider applying today - hackers.doyensec.com.
    #doyensec #security #internship #bugbounty

  38. Are you located in the US/EU? Passionate about #appsec? Maybe you follow #bugbountytips or are an avid #ctf player and are ready to take the next step. If so, we're looking for our next #intern, so consider applying today - hackers.doyensec.com.
    #doyensec #security #internship #bugbounty

  39. Are you located in the US/EU? Passionate about #appsec? Maybe you follow #bugbountytips or are an avid #ctf player and are ready to take the next step. If so, we're looking for our next #intern, so consider applying today - hackers.doyensec.com.
    #doyensec #security #internship #bugbounty

  40. Are you located in the US/EU? Passionate about #appsec? Maybe you follow #bugbountytips or are an avid #ctf player and are ready to take the next step. If so, we're looking for our next #intern, so consider applying today - hackers.doyensec.com.
    #doyensec #security #internship #bugbounty

  41. Are you located in the US/EU? Passionate about #appsec? Maybe you follow #bugbountytips or are an avid #ctf player and are ready to take the next step. If so, we're looking for our next #intern, so consider applying today - hackers.doyensec.com.
    #doyensec #security #internship #bugbounty

  42. Several members of the @doyensec team are heading to @TumpiConIT 🇮🇹 for our Norbert Szetei's presentation on his awesome ksmbd security research. If you're around, make sure to talk to Luca Carettoni & the team!
    #doyensec #appsec #TumpiCon

    tumpicon.org/

  43. Several members of the @doyensec team are heading to @TumpiConIT 🇮🇹 for our Norbert Szetei's presentation on his awesome ksmbd security research. If you're around, make sure to talk to Luca Carettoni & the team!
    #doyensec #appsec #TumpiCon

    tumpicon.org/

  44. Several members of the @doyensec team are heading to @TumpiConIT 🇮🇹 for our Norbert Szetei's presentation on his awesome ksmbd security research. If you're around, make sure to talk to Luca Carettoni & the team!
    #doyensec #appsec #TumpiCon

    tumpicon.org/

  45. Several members of the @doyensec team are heading to @TumpiConIT 🇮🇹 for our Norbert Szetei's presentation on his awesome ksmbd security research. If you're around, make sure to talk to Luca Carettoni & the team!
    #doyensec #appsec #TumpiCon

    tumpicon.org/

  46. Several members of the @doyensec team are heading to @TumpiConIT 🇮🇹 for our Norbert Szetei's presentation on his awesome ksmbd security research. If you're around, make sure to talk to Luca Carettoni & the team!
    #doyensec #appsec #TumpiCon

    tumpicon.org/

  47. 🚀 We have just released a new Security Advisory for NASA's CFITSIO library 🛰️. Click the link for details on the Heap Overflow, Type Confusion, Out-of-Bound Writes & other vulnerabilities discovered by our Adrian Denkiewicz !

    doyensec.com/resources/Doyense

    #doyensec #appsec #security

  48. Several members of the #doyensec team are here in Berlin 🇩🇪attending 🎯Offensive Con 🎯 this weekend! Ping us or just say "hallo" in person, if you'd like to talk #appsec or grab a coffee. We're looking forward to some amazing talks!
    #offensivecon #security

  49. Several members of the #doyensec team are here in Berlin 🇩🇪attending 🎯Offensive Con 🎯 this weekend! Ping us or just say "hallo" in person, if you'd like to talk #appsec or grab a coffee. We're looking forward to some amazing talks!
    #offensivecon #security

  50. In the Pisa 🇮🇹 area this weekend? Stop by the Google Developer Group's #DevFestPisa 2025 to catch the presentation from Doyensec's Aleandro Prudenzano - "Imparare la cybersecurity catturando bandiere" (Learn Cybersecurity by Capturing Flags 🚩).

    eventbrite.it/e/devfest-pisa-2

    #Doyensec #AppSec #GDG #GDGPisa #security