App Security

What’s it like inside the mind of Kate Libby? Who knows, but we can show you what it’s like inside the mind of Detectify’s researchers and Crowdsource hackers in the blog posts below.

Should you learn to code before you learn to hack?

bug bounty Detectify Crowdsource Farah Hawa featured hakluke

10 Types of Web Vulnerabilities that are Often Missed

api security Farah Hawa hakluke

How to Hack APIs in 2021

client-side page-fetch prototype pollution tools

What is a Prototype Pollution vulnerability and how does page-fetch help?

Frans Rosén load balancer Mathias Karlsson middleware vulnerabilities misconfigurations Nginx

Middleware, middleware everywhere – and lots of misconfigurations to fix


Modern PHP Security Part 2: Breaching and hardening the PHP engine

modern php SQLi SSRF SSTI

Modern PHP Security Part 1: bug classes

password managers

Thinking outside of the password manager box

https mitm vpn

Abuse MITM possible regardless of HTTPS

Auditor Cross Site Scripting Frans Rosén HTTPS Everywhere Linus Särud validation

XSS using quirky implementations of ACME http-01