Search What is Detectify?
×

Web security blog

Search

Bypassing Cloudflare WAF with the origin server IP address

cloudflare Detectify Crowdsource Gwendal Le Coguic WAF
Most read articles
How we got read access on Google’s production servers » How I hacked Facebook and received a $3,500 USD Bug Bounty » Misconfigured email servers open the door to spoofed emails from top domains »

Improving WordPress plugin security from both attack and defense sides

Detectify Crowdsource Paul Dannewitz Plugins WordPress
Is your web application secure? Sign up for a free trial and check your web application for 1000+ vulnerabilities

What is a blind vulnerability and how can it be exploited and detected? 

blind vulnerabilities injection out-of-band SQL

Anne-Marie Eklund Löwinder: “I was good at making others’ code stop running very early on.”

Anne-Marie Eklund Löwinder CISO IIS interview keys to the internet woman in security

Content Security Policy (CSP) explained including common bypasses

CSP response headers

Lerhan: Bypassing IDOR protection with URL shorteners

Detectify Crowdsource IDOR Lerhan URL shorteners

HTTP response splitting exploitations and mitigations

http headers HTTP response splitting XSS

Fitting automated security throughout the CI/CD pipeline

automated security CI/CD DAST DevSecOps

The real impact of an Open Redirect vulnerability

open redirect SSRF web vulnerability

Meet the Hacker: Inti De Ceukelaire – “While everyone is looking for XSS I am just reading the docs.”

crowdsource Meet the hacker securinti
What is Detectify? Contact us Detectify Labs tech blog Sign up for a free trial »
A security service for developers. Go hack yourself!