Search What is Detectify?
×

Web security blog

Search

Introducing Asset Inventory: stay on top of your web asset security

asset inventory asset monitoring product update
Most read articles
How we got read access on Google’s production servers » How I hacked Facebook and received a $3,500 USD Bug Bounty » Misconfigured email servers open the door to spoofed emails from top domains »

Meet the Team: Emelie Andersson – Building a fast-flying sales team

Meet the team Sales woman in security
Is your web application secure? Sign up for a free trial and check your web application for 1000+ vulnerabilities

Bypassing Cloudflare WAF with the origin server IP address

cloudflare Detectify Crowdsource Gwendal Le Coguic WAF

Improving WordPress plugin security from both attack and defense sides

Detectify Crowdsource Paul Dannewitz Plugins WordPress

What is a blind vulnerability and how can it be exploited and detected? 

blind vulnerabilities injection out-of-band SQL

Anne-Marie Eklund Löwinder: “I was good at making others’ code stop running very early on.”

Anne-Marie Eklund Löwinder CISO IIS interview keys to the internet woman in security

Content Security Policy (CSP) explained including common bypasses

CSP response headers

Lerhan: Bypassing IDOR protection with URL shorteners

Detectify Crowdsource IDOR Lerhan URL shorteners

HTTP response splitting exploitations and mitigations

http headers HTTP response splitting XSS

Fitting automated security throughout the CI/CD pipeline

automated security CI/CD DAST DevSecOps
What is Detectify? Contact us Detectify Labs tech blog Sign up for a free trial »
A security service for developers. Go hack yourself!