Vidoc Security Lab

Security research and services.

Group of curious bug bounty hunters and offensive security researchers who are exploring the world of web security.

Featured story

Hacking Swagger-UI - from XSS to account takeovers

We have reported more than 60 instances of this bug across a wide range of bug bounty programs including companies like Paypal, Atlassian, Microsoft, GitLab, Yahoo, ...

·
Read post

We are a team of experienced security engineers

Our goal is to produce valuable security reserach and help companies secure their web services. Among our team members we have experienced web developers, security engineers and researchers.

Dawid Moczadło

Dawid Moczadło

Security Researcher & Co-Founder

Klaudia Kloc

Klaudia Kloc

Security Researcher & Co-Founder

Oriana Olivetti

Oriana Olivetti

Security Researcher

What do we do?

Vidoc logo

Security Research

We study web application libraries, tools and services to explore new security vulnerabilities and attack types. We scan thousands of hosts daily to detect similar patterns based on findings, report them to companies, and then produce well-researched, in-depth content to share knowledge with researchers and rise the awarness.

Landing illustration
Vidoc logo

Tools

We’re working on a new web application security scanner dedicated to modern web applications. Our goal is to create a tool with lower false positive rate, and more customization options, tailored specifically for every cutomser need. More information coming soon.

Computers illustration

Projects

Our team submitted almost 100 security reports to several tech companies, including Facebook/Meta, Microsoft, Yahoo, Shopify and many more. Our findings include original vulnerabilities, never published before. Based on our security research we create modules for the web application security scanner we are developing, to scan infrastructure of 1300 companies for similar bugs. More information on the tool and its availability for our business partners is coming soon.

Subscribe to our newsletter to be the first to hear about our security research and the tool.

Subscribe to newsletter