What is Detectify?
Web security blog
Security
Writeups
How to
Detectify
How we invented the Tesla DOM DOOM XSS
Tesla
XSS
Most read articles
How I made LastPass give me all your passwords
»
Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token
»
Chrome Extensions – AKA Total Absence of Privacy
»
A deep dive into AWS S3 access controls – taking full control over your assets
AWS
bug bounty
Frans Rosén
privacy
XSS
How I found a persistent XSS affecting thousands of career sites
Detectify Crowdsource
Persistent XSS
Team Tailor
XSS
BountyDash – A local bug bounty statistics dashboard
bug bounty
Frans Rosén
Github
Mathias Karlsson
Login/logout CSRF: Time to reconsider?
login/logout CSRF
Mathias Karlsson
Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token
Frans Rosén
postmessage
Slack
SQLi in INSERT worse than SELECT
Mathias Karlsson
SQL Injection
Stored XSS-ing Millions Of Sites Through HTML Comment Box
CSP flaws: cookie fixation
Cookie fixation
CSP
Mathias Karlsson
postMessage XSS on a million sites
AddThis
Mathias Karlsson
postmessage
« Previous
1
2
3
4
…
7
Next »
