What is Detectify?

Detectify Labs

A security research blog

7 tools that have influenced the reversing community

DRM reverse engineering
Most read articles
How I made LastPass give me all your passwords » Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token » Chrome Extensions – AKA Total Absence of Privacy »

Fusion Challenges – level02 Write-up

binary exploitation Fusion challenges return-oriented programming
Get research and tips from Detectify security experts and the Crowdsource hacker community Subscribe to the Detectify Monthly Round-up

Slack bot token leakage exposing business critical information

Slack Slackbots token

Frans Rosén’s Bugcrowd Guest Blog: Using a Braun Shaver to Bypass XSS Audit and WAF

bug bounty Bugcrowd Cross Site Scripting Frans Rosén XSS

Using reverse engineering techniques to see how a common malware packer works

reverse engineering UPX

Tips for running an onion

Onion Onion-domain Tor

CSP: bypassing form-action with reflected XSS

Content-Security-Policy CSP Ethical Hacking Reflected XSS

Bypassing SOP and shouting hello before you cross the pond

OS SOP SOP bypass

We are looking for tech writers

Chrome Extensions – AKA Total Absence of Privacy

Chrome extensions Dropbox Ethical Hacking Google Drive privacy
Start securing your web apps with tech powered by Detectify Crowdsource hackers Start a 2-week free trial of Detectify and go hack yourself
What is Detectify? Subscribe to newsletter Sign up for a free trial »
A security service for developers.