Mathias Karlsson

BountyDash – A local bug bounty statistics dashboard

bug bounty Frans Rosén Github Mathias Karlsson
login/logout CSRF Mathias Karlsson

Login/logout CSRF: Time to reconsider?

Mathias Karlsson SQL Injection

SQLi in INSERT worse than SELECT

Cookie fixation CSP Mathias Karlsson

CSP flaws: cookie fixation

AddThis Mathias Karlsson postmessage

postMessage XSS on a million sites

Mathias Karlsson postmessage

The pitfalls of postMessage

bug bounty Fastly Frans Rosén Heroku Mathias Karlsson

Combining host header injection and lax host parsing serving malicious data

Cross Site Scripting Lastpass Mathias Karlsson XSS

How I made LastPass give me all your passwords