App Security

What’s it like inside the mind of Kate Libby? Who knows, but we can show you what it’s like inside the mind of Detectify’s researchers and Crowdsource hackers in the blog posts below.

10 Types of Web Vulnerabilities that are Often Missed

bug bounty Detectify Crowdsource Farah Hawa featured hakluke
api security Farah Hawa hakluke

How to Hack APIs in 2021

client-side page-fetch prototype pollution tools

What is a Prototype Pollution vulnerability and how does page-fetch help?

Frans Rosén load balancer Mathias Karlsson middleware vulnerabilities misconfigurations Nginx

Middleware, middleware everywhere – and lots of misconfigurations to fix

PHP

Modern PHP Security Part 2: Breaching and hardening the PHP engine

modern php SQLi SSRF SSTI

Modern PHP Security Part 1: bug classes

password managers

Thinking outside of the password manager box

https mitm vpn

Abuse MITM possible regardless of HTTPS

Auditor Cross Site Scripting Frans Rosén HTTPS Everywhere Linus Särud validation

XSS using quirky implementations of ACME http-01

AWS bug bounty Frans Rosén Google Cloud s3 buckets

Bypassing and exploiting Bucket Upload Policies and Signed URLs