What is Detectify?

Detectify Labs

A security research blog

Hakluke’s huge list of resources for beginner hackers

Most read articles
How I made LastPass give me all your passwords » Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token » Chrome Extensions – AKA Total Absence of Privacy »

How to Hack APIs in 2021

api security Farah Hawa hakluke
Get research and tips from Detectify security experts and the Crowdsource hacker community Subscribe to the Detectify Monthly Round-up

Undocumented authentication bypass issue in AEM Package Manager [Blog updated]

0day Detectify Crowdsource

What is a Prototype Pollution vulnerability and how does page-fetch help?

client-side page-fetch prototype pollution tools

Detectify releases Ugly Duckling, an open-source web scanner for ethical hackers

Detectify Crowdsource open-source scanner

Top 12 hacker tips to secure your SPA from Crowdsource

Detectify Crowdsource

CVE-2020-29653: Stealing Froxlor login credentials using dangling markup

0-day CVE Detectify Crowdsource XSS

Middleware, middleware everywhere – and lots of misconfigurations to fix

Frans Rosén load balancer Mathias Karlsson middleware vulnerabilities misconfigurations Nginx

How I hijacked the top-level domain of a sovereign state

ccTLD DNS hijacking Domain hijacking Fredrik Almroth TLD takeover

Modern PHP Security Part 2: Breaching and hardening the PHP engine

PHP
Start securing your web apps with tech powered by Detectify Crowdsource hackers Start a 2-week free trial of Detectify and go hack yourself
What is Detectify? Subscribe to newsletter Sign up for a free trial »
A security service for developers.