Deep technical application security trainings.
We provide application security trainings and certification via self paced online courses as well as hands on live trainings at Security conferences. We deliver trainings on web application security, mobile application security, pentesting modern technology stack, and windows exploit development. For more information, visit our security education portal
Pentest & Code Review
In God we trust; rest we test.
We find security vulnerabilities in web application, web services, frameworks, mobile applications built for Android, iOS and software written for Internet of things (IoT). We do comprehensive security assessments that include threat analysis, architectural reviews, pentesting and source code review. Contact us for more details.
We love security automation and develops security tools that work.
Latest advisories and research from OpenSecurity.
- Exploiting insecure file extraction in Python for code execution
- Exploiting deserialization bugs in Node.js modules for Remote Code Execution
- Server Side Template Injection in Tornado
- Instamojo Woocommerce Plugin XSS
- OS X Mavericks 10.9.5 – out of bound read/write in memmove()
- AppLock MITM Password Reset Vulnerability
- Reversing DexGuard’s String Encryption
- Bypassing Content Security Policy with a JS/GIF Polyglot
- Bypassing PIN in Whisper Android Application
- Tizen 2.2.1 WebKit Address Spoofing
- MTS MBlaze Ultra Wi-Fi / ZTE AC3633 Multiple Vulnerabilities