Appsecco

01/01/2022

Happy New year from team Appsecco!

04/11/2021

Happy Diwali from team Appsecco 🙂

26/10/2021

Shruthi Kamath will be speaking at Day of shecurity next week on Friday on "Bridging the gaps between security teams and customers".

You can sign up for free at https://dayofshecurity.com/registration to attend the conference.

13/10/2021

We are actively looking for PenTesters who have 2+ years of experience in API/Web and/or Cloud PenTesting.

Kindly email at [email protected]

24/09/2021

Kavisha will be speaking on "AWS (mis)configuration from an attacker’s-eye view" at OWASP 20th Anniversary Event.

Date & Time : September 24, 2021, 11:00pm - 11:30pm EDT

Register now at : https://www.eventbrite.com/e/owasps-20th-anniversary-event-celebration-tickets-152915084133

Event link : https://sched.co/m4HO

24/08/2021

Pankaj Mouriya will be presenting on “Map and Conquer application security over cloud” at BSides NewCastle 2021 - “Return of the Weird”

Conference Dates – Sept 10th & 11th, 2021

Buy your tickets now!

Ticket details - https://bsidesnewcastle.org/index.php/tickets/

Sept 10-11 2021 our 3rd event “Return of the Weird” Ticket Details As this is a virtual confrence there are a few options of tickets as detailed below, Tickets are be available via Eventbrite. https://www.eventbrite.co.uk/e/bsidesncl-2021-tickets-159721628691 Virtual Attendance Pay what you want...

20/05/2021

You are a source of inspiration to us. As you add another year to your life, count the blessings and the many lives you have touched. Thank you for everything you do! ✨

Wishing you a very happy birthday, Akash🎂🎉🎊🍻

19/05/2021

In case you missed Pankaj Mouriya talk at OWASP Bay Area yesterday on "The Tangled Web and Its Same Origin Policy"

Here's the link to view it :

https://youtu.be/xaYvpLv9pMI

Talk 1: The Tangled Web and Its Same Origin PolicySame Origin Policy is the Fundamental Security Model of the web, it's been very long that I have been strug...

15/04/2021

It’s been said that the number of clues remains constant even as some field of expertise expands. This may sometimes be the outgoing generation accusing the incoming generation of being soft or lazy, and indeed it has also been said that progress in most fields occurs one obituary at a time. What ...

15/04/2021

Here's the 2nd part of our technical blog post where we exploit weak configuration in Google Cloud Identity Platform.
Give it a read to understand -
- Potential Misconfiguration
- Detection
- Code to Practice
- Exploitation with Real Time Web application
- Mitigation
Check out the link to the blog: https://blog.appsecco.com/exploiting-weak-configurations-in-google-identity-platform-cbddbd0e71e3

08/04/2021

Kavisha is doing a session on "Attacks on AWS using Cloudgoat" on April 11th from 11 AM - 12 PM IST.

Register now at https://forms.gle/StvksAUAipeRgEhe8

08/04/2021

Do you use AWS's Cognito Service for Authentication in your Apps?

Then you should give Pankaj's blog a read in which he explains how Weak Cognito Configs can be exploited.

Link to the blog - http://ow.ly/IaEH50EjEb8

We will also be sharing the 2nd part of this blog post where he explains how weak configuration can be exploited in Identity Platform(Google Cloud).

Stay tuned!!