Detectify team’s 10 favourite security books
November 30 is Computer Security Day, a day dedicated to security awareness and education. To celebrate, we have put together...
Read more →Category: Mix
Attack Types in Web Fuzzing
Fuzzing은 어플리케이션을 테스트하고 보안 취약점을 찾아내기 위해서 가장 일반적으로 사용하는 기술입니다. 보통 Burpsuite의 Intruder, Turbo Intruder 또는 ZAP의 Fuzz, Caido의...
Read more →
My Career Just Got Hacked: Rana Robillard Joins HackerOne
My career just got hacked.. and I couldn’t be more excited about it. Turns out, getting your career hacked* can...
Read more →
CAPTCHA does not prevent cross-site request forgery (CSRF)
In our dialogues with customers, we often come across cross-site request forgery (CSRF) findings marked as False Positives due to having...
Read more →
Live hacking the U.S. Air Force, UK Ministry of Defence and Verizon Media in Los Angeles at h1-213
On November 6th, over 60 hackers descended on the City of Angels for the final HackerOne flagship live hacking event...
Read more →
Detectify’s Year in Review 2017
December is here again and the year is coming to a close even though it feels like it was January...
Read more →
Six years of the GitHub Security Bug Bounty program
This guest blog post was authored by Brian Anglin, Application Security Engineer at GitHub and originally published on the GitHub...
Read more →
7 biggest security news of 2017
Cloud security, ransomware, and poor incident responses have all shaped security discussions in 2017. Another interesting year in security has...
Read more →
Hack for Good: Easily Donate Bounties to WHO’s COVID-19 Response Fund
The community has come together in some amazing ways to support COVID-19 relief efforts from Marc Rogers’ CTI League, the...
Read more →
ACME TLS-SNI-01 shared hosting exploit using Let’s Encrypt
On Tuesday, January 9, Detectify’s security advisor Frans Rosén discovered and reported a security issue in in TLS-SNI-01 validation in...
Read more →
Live Hacking Goes Virtual | HackerOne
At a time when security must be managed remotely, HackerOne and Verizon Media called on the naturally remote and global...
Read more →
GDPR security from an ethical hacker’s perspective
Discussions about the GDPR (General Data Protection Regulation) often touch upon security, a topic that few people know as well...
Read more →