What is Detectify?

The danger of recycled phone numbers

2fa phone number
host headers password managers Safari XSS

Scratching the surface of host headers in Safari

Detectify Crowdsource

GraphQL abuse: Bypass account level permissions through parameter smuggling

open redirect phishing social media

Changing the URL of social media sharing buttons

How I exploited ACME TLS-SNI-01 issuing Let’s Encrypt SSL-certs for any domain using shared hosting

Amazon PayPal Public Information Security Questions

Security Questions are not secure

Detectify Crowdsource Peter Jaric Selenium Grid

Guest Blog: Don’t Leave your Grid Wide Open

Chrome privacy Tinder

TrackMania – a Chrome plugin to stalk your friends on Tinder

Detectify Crowdsource DNS spoofing vulnerability

Guest blog: Bypassing domain control verification with DNS response spoofing

Chrome Chrome extensions Facebook Frans Rosén XSS

Dissecting the Chrome Extension Facebook malware