Announcing ECG v2.0

We are proud to announce that ECG got its first major update. ECG: is the first and single commercial solution (Static Source Code Scanner) able to analyze & detect real and complex security vulnerabilities in TCL/ADP source-code.

ECG's v2.0 New Features

On-Premises Deploy: Scan your code repository on your secure and highly-scalable offline appliance with a local ECG's installation to comply with strict code privacy policies. API Support: Easily integrate ECG's automated security testing into your continuous integration (CI/CD)...

Announcing ECG’s Closed Beta

After a lot of effort and a long month of alpha testing, today I’m proud to announce the launch of ECG’s closed beta.

What is ECG? (tl;dr)

ECG is a TCL static source code analysis tool. It is the first commercial solution able to detect real and complex security vulnerabilities in TCL/ADP source-code. Want to know more about ECG? Visit ECG's main website!

What is TCL?

TCL is a...

electron

Instrumenting Electron Apps for Security Testing

This is a re-posting of the original article "Instrumenting Electron Apps for Security Testing" that I have wrote on Doyensec

What is Electron?

The Electron Framework is used to develop multi-platform desktop applications with nothing more than HTML, JavaScript and CSS. It was initially developed for GitHub's Atom editor and since then it was used to create applications like Discord, Ghost, GitHub, Skype, Slack, Wire and a lot more. While for the traditional desktop...

Report: Ghost Blogging Platform

Advisory: VoidSec-15-001 Disclosure date: March 03, 2015 Vendor: Ghost Advisory sent: January 26, 2015 First delay: February 24,2015  

Download the Report

Introduzione

In Gennaio, il team VoidSec (voidsec, bughardy, smaury) ha realizzato un web application penetration test sulla piattaforma di blogging Ghost. Ghost è un nuovo content management system dedicato ai blogger che cercano un’alternativa a WordPress. Un crescente numero di utenti ha abbandonato i CMS tradizionali per abbracciare piattaforme più minimali, concentrate sulla lettura e la scrittura, essenziali; in questo Ghost è...