What is Detectify?

Web security blog

What HPKP is but isn’t

HPKP HTTP public key pinning
Most read articles
How I made LastPass give me all your passwords » Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token » Chrome Extensions – AKA Total Absence of Privacy »

7 tools that have influenced the reversing community

DRM reverse engineering

Fusion Challenges – level02 Write-up

binary exploitation Fusion challenges return-oriented programming

Slack bot token leakage exposing business critical information

Slack Slackbots token

Frans Rosén’s Bugcrowd Guest Blog: Using a Braun Shaver to Bypass XSS Audit and WAF

bug bounty Bugcrowd Cross Site Scripting Frans Rosén XSS

Using reverse engineering techniques to see how a common malware packer works

reverse engineering UPX

Tips for running an onion

Onion Onion-domain Tor

CSP: bypassing form-action with reflected XSS

Content-Security-Policy CSP Ethical Hacking Reflected XSS

Bypassing SOP and shouting hello before you cross the pond

OS SOP SOP bypass

We are looking for tech writers

What is Detectify? Contact us Sign up for a free trial »
A security service for developers.