Mathias Karlsson
Middleware, middleware everywhere – and lots of misconfigurations to fix
Frans Rosén
load balancer
Mathias Karlsson
middleware vulnerabilities
misconfigurations
Nginx
bug bounty
Frans Rosén
Github
Mathias Karlsson
BountyDash – A local bug bounty statistics dashboard
June 15, 2017
login/logout CSRF
Mathias Karlsson
Login/logout CSRF: Time to reconsider?
March 15, 2017
Mathias Karlsson
SQL Injection
SQLi in INSERT worse than SELECT
February 14, 2017
Cookie fixation
CSP
Mathias Karlsson
CSP flaws: cookie fixation
January 12, 2017
AddThis
Mathias Karlsson
postmessage
postMessage XSS on a million sites
December 15, 2016
Mathias Karlsson
postmessage
The pitfalls of postMessage
December 8, 2016
bug bounty
Fastly
Frans Rosén
Heroku
Mathias Karlsson
Combining host header injection and lax host parsing serving malicious data
October 24, 2016
Cross Site Scripting
Lastpass
Mathias Karlsson
XSS
How I made LastPass give me all your passwords
July 27, 2016