What is Detectify?

Security

Combining host header injection and lax host parsing serving malicious data

bug bounty Fastly Frans Rosén Heroku Mathias Karlsson
HPKP HTTP public key pinning

What HPKP is but isn’t

DRM reverse engineering

7 tools that have influenced the reversing community

reverse engineering UPX

Using reverse engineering techniques to see how a common malware packer works

Chrome Cross Site Scripting Safari Twins of Ten XSS

Solutions to the Twins of Ten XSS Challenge

Cross Side Scripting Twins of Ten XSS

XSS challenge – Twins of Ten

Cross Site Scripting Google Turkey XSS

Google XSS Turkey

hack iCloud privacy

How the celebrity hack could have been done

Frans Rosén

The lesser known pitfalls of allowing file uploads on your website

Auditor bypass XSS

5 contexts where the XSS Auditor won’t help you