What is Detectify?
XSS
Security
Writeups
How to
Detectify
Scratching the surface of host headers in Safari
host headers
password managers
Safari
XSS
Popular tags
XSS
Frans Rosén
Mathias Karlsson
bug bounty
Chrome
Chrome
Chrome extensions
Facebook
Frans Rosén
XSS
Dissecting the Chrome Extension Facebook malware
August 31, 2017
Tesla
XSS
How we invented the Tesla DOM DOOM XSS
July 27, 2017
AWS
bug bounty
Frans Rosén
privacy
XSS
A deep dive into AWS S3 access controls – taking full control over your assets
July 13, 2017
Detectify Crowdsource
Persistent XSS
Team Tailor
XSS
How I found a persistent XSS affecting thousands of career sites
June 28, 2017
Frans Rosén
Slack
XSS
Using Chrome’s web-custom-data UTI to inject a stored XSS in Slack
September 1, 2016
Cross Site Scripting
Lastpass
Mathias Karlsson
XSS
How I made LastPass give me all your passwords
July 27, 2016
bug bounty
Bugcrowd
Cross Site Scripting
Frans Rosén
XSS
Frans Rosén’s Bugcrowd Guest Blog: Using a Braun Shaver to Bypass XSS Audit and WAF
April 19, 2016
Chrome
Cross Site Scripting
Safari
Twins of Ten
XSS
Solutions to the Twins of Ten XSS Challenge
July 14, 2015
Cross Side Scripting
Twins of Ten
XSS
XSS challenge – Twins of Ten
June 15, 2015
1
2
Next »