What is Detectify?
Detectify Labs
A security research blog
App Security
Writeups
How to
Crowdsource
Hostile Subdomain Takeover using Heroku/Github/Desk + more
Desk
Github
Heroku
Hostile Subdomain takeover
Most read articles
How I made LastPass give me all your passwords
»
Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token
»
Chrome Extensions – AKA Total Absence of Privacy
»
Bash vulnerability affecting web servers and many other services
bash
Get research and tips from Detectify security experts and the Crowdsource hacker community
Subscribe to the Detectify Monthly Round-up
How the celebrity hack could have been done
hack
iCloud
privacy
The lesser known pitfalls of allowing file uploads on your website
Frans Rosén
Detectify Validation Specification
Detectify
validation
5 contexts where the XSS Auditor won’t help you
Auditor
bypass
XSS
The Story of the Detectify Game
Detectify
Detectify Game
Chrome XSS Protection Bias (using Rails)
Chrome
XSS
Another iOS Lock Screen bypass – Control Center turned off
iOS
iOS 7 lock screen bypass write-up
iOS
« Previous
1
…
8
9
10
11
Next »
Start securing your web apps with tech powered by Detectify Crowdsource hackers
Start a 2-week free trial of Detectify and go hack yourself