What is Detectify?
Detectify Labs
A security research blog
App Security
Writeups
How to
Crowdsource
Solutions to the Twins of Ten XSS Challenge
Chrome
Cross Site Scripting
Safari
Twins of Ten
XSS
Most read articles
How I made LastPass give me all your passwords
»
Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token
»
Chrome Extensions – AKA Total Absence of Privacy
»
Using Google Cloud to Bypass NoScript
bypass
Google Cloud
NoScript
Get research and tips from Detectify security experts and the Crowdsource hacker community
Subscribe to the Detectify Monthly Round-up
XSS challenge – Twins of Ten
Cross Side Scripting
Twins of Ten
XSS
Google XSS Turkey
Cross Site Scripting
Google
Turkey
XSS
Building an XSS polyglot through SWF and CSP
bug bounty
Frans Rosén
XSS
Stealing files from web servers by exploiting a popular PDF generator
PDF
PHP
TCPDF
Finding an XSS in an HTML-based Android application
Android
Ethical Hacking
XSS
Zoho
Hijacking of abandoned subdomains part 2
DNS Resource Records
Hostile Subdomain takeover
Microsoft
Szymon Gruszecki
Hostile Subdomain Takeover using Heroku/Github/Desk + more
Desk
Github
Heroku
Hostile Subdomain takeover
Bash vulnerability affecting web servers and many other services
bash
« Previous
1
…
7
8
9
10
11
Next »
Start securing your web apps with tech powered by Detectify Crowdsource hackers
Start a 2-week free trial of Detectify and go hack yourself