What is Detectify?

Detectify Labs

A security research blog

What is a Prototype Pollution vulnerability and how does page-fetch help?

client-side page-fetch prototype pollution tools
Most read articles
How I made LastPass give me all your passwords » Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token » Chrome Extensions – AKA Total Absence of Privacy »

Detectify releases Ugly Duckling, an open-source web scanner for ethical hackers

Detectify Crowdsource open-source scanner
Get research and tips from Detectify security experts and the Crowdsource hacker community Subscribe to the Detectify Monthly Round-up

Top 12 hacker tips to secure your SPA from Crowdsource

Detectify Crowdsource

CVE-2020-29653: Stealing Froxlor login credentials using dangling markup

0-day CVE Detectify Crowdsource XSS

Middleware, middleware everywhere – and lots of misconfigurations to fix

Frans Rosén load balancer Mathias Karlsson middleware vulnerabilities misconfigurations Nginx

How I hijacked the top-level domain of a sovereign state

ccTLD DNS hijacking Domain hijacking Fredrik Almroth TLD takeover

Modern PHP Security Part 2: Breaching and hardening the PHP engine

PHP

Modern PHP Security Part 1: bug classes

modern php SQLi SSRF SSTI

How-to Tutorial: PHP Webshell De-Obfuscation

php malware

Investigation of PHP Web Shell Hexedglobals.3793 Variants

PHP php malware
Start securing your web apps with tech powered by Detectify Crowdsource hackers Start a 2-week free trial of Detectify and go hack yourself
What is Detectify? Subscribe to newsletter Sign up for a free trial »
A security service for developers.