What is Detectify?


Hacking Slack using postMessage and WebSocket-reconnect to steal your precious token

Frans Rosén postmessage Slack
AddThis Mathias Karlsson postmessage

postMessage XSS on a million sites

Mathias Karlsson postmessage

The pitfalls of postMessage

Get research and tips from Detectify security experts and the Crowdsource hacker community Subscribe to the Detectify Monthly Round-up