Search What is Detectify?

Web security blog

Meet the Team: Emelie Andersson – Building a fast-flying sales team

Meet the team Sales woman in security

Bypassing Cloudflare WAF with the origin server IP address

cloudflare Detectify Crowdsource Gwendal Le Coguic WAF

Improving WordPress plugin security from both attack and defense sides

Detectify Crowdsource Paul Dannewitz Plugins WordPress

What is a blind vulnerability and how can it be exploited and detected? 

blind vulnerabilities injection out-of-band SQL

Anne-Marie Eklund Löwinder: “I was good at making others’ code stop running very early on.”

Anne-Marie Eklund Löwinder CISO IIS interview keys to the internet woman in security

Content Security Policy (CSP) explained including common bypasses

CSP response headers

Lerhan: Bypassing IDOR protection with URL shorteners

Detectify Crowdsource IDOR Lerhan URL shorteners

HTTP response splitting exploitations and mitigations

http headers HTTP response splitting XSS

Fitting automated security throughout the CI/CD pipeline

automated security CI/CD DAST DevSecOps

The real impact of an Open Redirect vulnerability

open redirect SSRF web vulnerability