What is Detectify?

App Security

What’s it like inside the mind of Kate Libby? Who knows, but we can show you what it’s like inside the mind of Detectify’s researchers and Crowdsource hackers in the blog posts below.

Bypassing and exploiting Bucket Upload Policies and Signed URLs

AWS bug bounty Frans Rosén Google Cloud s3 buckets
Popular tags XSS Detectify Crowdsource Frans Rosén bug bounty Detectify
2fa phone number

The danger of recycled phone numbers

Linus Särud / May 24, 2018
host headers password managers Safari XSS

Scratching the surface of host headers in Safari

Linus Särud / April 4, 2018
Get research and tips from Detectify security experts and the Crowdsource hacker community Subscribe to the Detectify Monthly Round-up
open redirect phishing social media

Changing the URL of social media sharing buttons

Linus Särud / February 2, 2018

How I exploited ACME TLS-SNI-01 issuing Let’s Encrypt SSL-certs for any domain using shared hosting

January 12, 2018
Chrome Chrome extensions Facebook Frans Rosén XSS

Dissecting the Chrome Extension Facebook malware

August 31, 2017
AWS bug bounty Frans Rosén privacy XSS

A deep dive into AWS S3 access controls – taking full control over your assets

July 13, 2017
bug bounty Frans Rosén Github Mathias Karlsson

BountyDash – A local bug bounty statistics dashboard

June 15, 2017
bug bounty Fastly Frans Rosén Heroku Mathias Karlsson

Combining host header injection and lax host parsing serving malicious data

October 24, 2016
HPKP HTTP public key pinning

What HPKP is but isn’t

July 5, 2016
What is Detectify? Subscribe to newsletter Sign up for a free trial »
A security service for developers.