Security writeups from researchers for researchers

We scan, we hack, we write about it. New interesting vulnerabilities, attack techniques, tools and bug bounty tips.

Log in Subscribe

Home
About

SAST vs. DAST: Choosing the Right Security Testing for Your Project

SAST vs. DAST: Choosing the Right Security Testing for Your Project

Distinguishing between SAST & DAST is crucial for any robust security strategy. Adopting a unified approach, by leveraging both scans, ensures that your software remains secure during its lifecycle, effectively mitigating potential risks and vulnerabilities in today’s fast-paced digital environment.

Oriana Olivetti

14 Mar 2024 · 3 min read

AI Pentesting vs Automated Penetration Testing

AI Pentesting vs Automated Penetration Testing

In the rapidly evolving cybersecurity landscape, where the emergence of AI-generated code presents unprecedented challenges, the concept of automated penetration testing emerges as a beacon of innovation and efficiency.

Oriana Olivetti

29 Feb 2024 · 4 min read

Why you never get Reflected XSS to execute: Balancing Payloads

Why you never get Reflected XSS to execute: Balancing Payloads

Beginners guide to Reflected XSS. Everyone talks about the different XSS cheatsheets, and then you are supposed to try them one by one to see if any of the payloads get executed on your target. We don't like that. It's time-consuming and a mindless task.

Oriana Olivetti

20 Feb 2024 · 4 min read

© 2025 Vidoc Security Lab - blog. All rights reserved.