Detectify

Cross-site scripting (XSS) explained

Sep 5, 2018 By Detectify In Detectify

What is cross-site scripting (XSS)? Detectify security researcher and co-founder Fredrik Almroth (@Almroot) explains this common web vulnerability, how can it be executed using javascript, its impact and how to fix it.

View Video

Detectify

Read more about Cross-site scripting (XSS) explained

XSS using quirky implementations of ACME http-01

Sep 4, 2018 By Frans Rosén In Detectify

TL;DR Some hosting providers implemented http-01 having one part of the challenge key reflected in the response. This resulted in a huge amount of websites being vulnerable to XSS just because of their implementation of the http-01 ACME-challenge.

Read Post

Detectify

Read more about XSS using quirky implementations of ACME http-01

Bypassing and exploiting Bucket Upload Policies and Signed URLs

Aug 2, 2018 By Frans Rosén In Detectify

TL;DR Bucket upload policies are a convenient way to upload data to a bucket directly from the client. Going through the rules in upload policies and the logic related to some file-access scenarios we show how full bucket object listings were exposed with the ability to also modify or delete existing files in the bucket.

Read Post

Detectify

Read more about Bypassing and exploiting Bucket Upload Policies and Signed URLs

Detectify | Meet the Hacker - Fredrik Nordberg Almroth

Jul 16, 2018 By Detectify In Detectify

Our second Meet The Hacker episode features none other than Fredrik Almroth, one of our founding security researchers and Head of Engineering! Some of you may know him as @almroot! At the office Fredrik is heading up our team to keep all Detectify’s users secure and our tool awesome.

View Video

Detectify

Read more about Detectify | Meet the Hacker - Fredrik Nordberg Almroth

Detectify Crowdsource | Meet the Hacker-Gerben Janssen van Doorn

Jun 14, 2018 By Detectify In Detectify

Are you interested in ethical hacking but aren’t sure where to start? A formal degree is definitely not required. We sat down with one of our top-ranked Detectify Crowdsource hackers, Gerben Janssen van Doorn, and asked him about his white-hat journey so far. In this video he shares why XSS is key for getting started and its role in keeping your web security secure.

View Video

Detectify

Read more about Detectify Crowdsource | Meet the Hacker-Gerben Janssen van Doorn

How hackers approach Magento sites | Video by Detectify

Jun 12, 2018 By Detectify In Detectify

Have you ever wondered how a hacker would analyze and attack a Magento website? We picked the brains of two ethical hackers to find out. Detectify’s security experts Linus Särud and Fredrik Almroth share their insights and tips to help you keep your Magento store safe from hackers.

View Video

Detectify

Read more about How hackers approach Magento sites | Video by Detectify

Subscribe to Detectify

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Detectify

Cross-site scripting (XSS) explained

XSS using quirky implementations of ACME http-01

Bypassing and exploiting Bucket Upload Policies and Signed URLs

Detectify | Meet the Hacker - Fredrik Nordberg Almroth

Detectify Crowdsource | Meet the Hacker-Gerben Janssen van Doorn

How hackers approach Magento sites | Video by Detectify

Monthly Archive

Follow Us