What is Detectify?

XSS

Scratching the surface of host headers in Safari

host headers password managers Safari XSS
Popular tags XSS Frans Rosén Mathias Karlsson bug bounty Chrome
Chrome Chrome extensions Facebook Frans Rosén XSS

Dissecting the Chrome Extension Facebook malware

August 31, 2017
Tesla XSS

How we invented the Tesla DOM DOOM XSS

July 27, 2017
AWS bug bounty Frans Rosén privacy XSS

A deep dive into AWS S3 access controls – taking full control over your assets

July 13, 2017
Detectify Crowdsource Persistent XSS Team Tailor XSS

How I found a persistent XSS affecting thousands of career sites

June 28, 2017
Frans Rosén Slack XSS

Using Chrome’s web-custom-data UTI to inject a stored XSS in Slack

September 1, 2016
Cross Site Scripting Lastpass Mathias Karlsson XSS

How I made LastPass give me all your passwords

July 27, 2016
bug bounty Bugcrowd Cross Site Scripting Frans Rosén XSS

Frans Rosén’s Bugcrowd Guest Blog: Using a Braun Shaver to Bypass XSS Audit and WAF

April 19, 2016
Chrome Cross Site Scripting Safari Twins of Ten XSS

Solutions to the Twins of Ten XSS Challenge

July 14, 2015
Cross Side Scripting Twins of Ten XSS

XSS challenge – Twins of Ten

June 15, 2015
What is Detectify? Contact us Sign up for a free trial »
A security service for developers.