Doyensec📢 #Doyensec is sponsoring Dev World! We'll be at our booth discussing security research & how to "Build with Security" directly with the #dev community.
Stop by - we'd love to chat!
🗓 May 7–8 | 📍 Amsterdam, Netherlands🇳🇱
Did you know you can use #InQL to recreate #GraphQL schema even when the introspection query is disabled? Our Schema Bruteforcer ensures "hidden" doesn't actually mean "off-limits".
Find out more at:
https://blog.doyensec.com/2025/12/02/inql-v610.html
https://github.com/doyensec/inql
AuthN/Z is always a #security minefield & MCP adds even more complexity with agents, remote servers, and transitive trust.
This Teleport-sponsored deep dive breaks down attack vectors & why each auth step is a potential trust boundary.
Check out the latest edition of @PagedOut featuring Doyensec's own Bartłomiej (Bartek) Górkiewicz vibing on Reversing Python Bytecode, along with plenty of other great articles!
Introducing SafeUpdater by Michael Pastor - A security-first update framework for Electron apps, built around explicit threat models, integrity and authenticity guarantees, and real attack mitigations. Check it out today!
https://blog.doyensec.com/2026/02/16/electron-safe-updater.html
Humans vs. AI? We put them to the test in our new post! We went head-to-head with AI tools to see who would win? Check it out today to see the results!
https://blog.doyensec.com/2026/02/03/outline-audit-q32025.html
🎯 Make XSS hunting easier and faster
In the latest video in our Eval Villain series, @bemodtwz demonstrates how the “needles” feature can dramatically speed up your search for DOM-based XSS and other injection points.
If you’re doing client-side security testing, this is a great example of how the right tooling can remove friction and help you focus on what matters: finding real vulnerabilities.
👉 Watch here: https://youtu.be/LI9QOuQDduE
Efficient sink mapping with needles
🥳Doyensec is proud to announce our sponsorship of the UC Davis Cyber Security Club! 💻🔐
We're committed to supporting the next generation of #cybersecurity talent 📚🧗
In our latest blog post, Szymon Drosdzol provides an in-depth walkthrough of using the #frida toolkit to demonstrate the right way to intercept OkHTTP traffic. This is essential knowledge for #android security research!
Check it out today: https://blog.doyensec.com/2026/01/22/frida-instrumentation.html
