What is Detectify?

Writeups

Fusion Challenges – level02 Write-up

binary exploitation Fusion challenges return-oriented programming
Slack Slackbots token

Slack bot token leakage exposing business critical information

bug bounty Bugcrowd Cross Site Scripting Frans Rosén XSS

Frans Rosén’s Bugcrowd Guest Blog: Using a Braun Shaver to Bypass XSS Audit and WAF

Content-Security-Policy CSP Ethical Hacking Reflected XSS

CSP: bypassing form-action with reflected XSS

OS SOP SOP bypass

Bypassing SOP and shouting hello before you cross the pond

Chrome extensions Dropbox Ethical Hacking Google Drive privacy

Chrome Extensions – AKA Total Absence of Privacy

Frans Rosén Patreon Remote Code Execution Werkzeug Debugger

How Patreon got hacked – Publicly exposed Werkzeug Debugger

Chrome HTTPS Everywhere Security Extensions

How I disabled your Chrome security extensions

bypass Google Cloud NoScript

Using Google Cloud to Bypass NoScript

PDF PHP TCPDF

Stealing files from web servers by exploiting a popular PDF generator