What is Detectify?
Detectify Labs
A security research blog
App Security
Writeups
How to
Crowdsource
How Patreon got hacked – Publicly exposed Werkzeug Debugger
Frans Rosén
Patreon
Remote Code Execution
Werkzeug Debugger
Most read articles
How I made LastPass give me all your passwords
»
Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token
»
Chrome Extensions – AKA Total Absence of Privacy
»
How I disabled your Chrome security extensions
Chrome
HTTPS Everywhere
Security Extensions
Get research and tips from Detectify security experts and the Crowdsource hacker community
Subscribe to the Detectify Monthly Round-up
Solutions to the Twins of Ten XSS Challenge
Chrome
Cross Site Scripting
Safari
Twins of Ten
XSS
Using Google Cloud to Bypass NoScript
bypass
Google Cloud
NoScript
XSS challenge – Twins of Ten
Cross Side Scripting
Twins of Ten
XSS
Google XSS Turkey
Cross Site Scripting
Google
Turkey
XSS
Building an XSS polyglot through SWF and CSP
bug bounty
Frans Rosén
XSS
Stealing files from web servers by exploiting a popular PDF generator
PDF
PHP
TCPDF
Finding an XSS in an HTML-based Android application
Android
Ethical Hacking
XSS
Zoho
Hijacking of abandoned subdomains part 2
DNS Resource Records
Hostile Subdomain takeover
Microsoft
Szymon Gruszecki
« Previous
1
…
7
8
9
10
11
Next »
Start securing your web apps with tech powered by Detectify Crowdsource hackers
Start a 2-week free trial of Detectify and go hack yourself