Writeups

How Patreon got hacked – Publicly exposed Werkzeug Debugger

Frans Rosén Patreon Remote Code Execution Werkzeug Debugger
Chrome HTTPS Everywhere Security Extensions

How I disabled your Chrome security extensions

bypass Google Cloud NoScript

Using Google Cloud to Bypass NoScript

PDF PHP TCPDF

Stealing files from web servers by exploiting a popular PDF generator

Android Ethical Hacking XSS Zoho

Finding an XSS in an HTML-based Android application

DNS Resource Records Hostile Subdomain takeover Microsoft Szymon Gruszecki

Hijacking of abandoned subdomains part 2

Desk Github Heroku Hostile Subdomain takeover

Hostile Subdomain Takeover using Heroku/Github/Desk + more

bash

Bash vulnerability affecting web servers and many other services

Chrome XSS

Chrome XSS Protection Bias (using Rails)

iOS

Another iOS Lock Screen bypass – Control Center turned off