The post Account hijacking using βdirty dancingβ in sign-in OAuth-flows appeared first on Detectify Labs.
Yesterday β 6 July 2022Web App
Before yesterdayWeb App
New Repeater features to help you test more efficiently
5 July 2022 at 08:39
If you use Burp Suite Professional or Burp Suite Community Edition for manual security testing, then you'll be familiar with tools like Burp Repeater and Burp Intruder. They make life as a tester much
PortSwigginar - 22 June
27 June 2022 at 14:44
Thank you to those who attended our recent PortSwigginar on Burp Suite Enterprise Edition. Below is the video of the session, which included: A recap on "what's new" within the product for those who h
Hack with βgoodfaithβ β A tool to automate and scale good faith hacking
21 June 2022 at 12:57
The post Hack with βgoodfaithβ β A tool to automate and scale good faith hacking appeared first on Detectify Labs.
Finding client-side prototype pollution with DOM Invader
20 June 2022 at 12:37
Last year we made it significantly easier to find DOM XSS, when we introduced a brand new tool called DOM Invader. This year, we've improved DOM Invader to make finding CSPP (client-side prototype pol
How to see the impact installing BApps might have on Burp Suite
16 June 2022 at 13:50
If you've ever installed any Burp extensions from the BApp Store, you'll know that it's a great way to extend your capabilities and tailor Burp Suite to your every need. If you've not, then what are y
How to: Look for TLS private keys on Docker Hub
16 June 2022 at 07:44
The post How to: Look for TLS private keys on Docker Hub appeared first on Detectify Labs.
Launching the PortSwigginar
9 June 2022 at 23:00
Thank you to those who attended our recent PortSwigginar on Burp Suite Enterprise Edition. Below is the video of the session, which included; A recap on βwhatβs newβ within the tool for those who have
Leveraging AWS QuickSight dashboards to visualize recon data
30 May 2022 at 13:21
The post Leveraging AWS QuickSight dashboards to visualize recon data appeared first on Detectify Labs.
Gin and Juice Shop: put your scanner to the test
16 May 2022 at 13:44
"Word". We heard that a lot of you have been having problems finding a truly dope vulnerable web application to wave your scanner at. As makers of the web's OG vulnerability scanner, we couldn't be le
How To Hack Web Applications in 2022: Part 1
16 May 2022 at 13:13
The post How To Hack Web Applications in 2022: Part 1 appeared first on Detectify Labs.
New tool release: Discovering the origin host to bypass web application firewalls
9 May 2022 at 08:29
The post New tool release: Discovering the origin host to bypass web application firewalls appeared first on Detectify Labs.
How to βwinterizeβ and secure your eCommerce website for the holidays
17 November 2020 at 12:49
The post How to βwinterizeβ and secure your eCommerce website for the holidays appeared first on Detectify Blog.
Detectify Security Updates for November 16
16 November 2020 at 13:28
The post Detectify Security Updates for November 16 appeared first on Detectify Blog.
Common Nginx misconfigurations that leave your web server open to attack
10 November 2020 at 08:27
The post Common Nginx misconfigurations that leave your web server open to attack appeared first on Detectify Blog.
Meet the team: Paul Hickey β selling the future of web app security
6 November 2020 at 11:20
The post Meet the team: Paul Hickey β selling the future of web app security appeared first on Detectify Blog.
Discover latest security vulnerabilities in minutes with Detectify
28 October 2020 at 13:42
The post Discover latest security vulnerabilities in minutes with Detectify appeared first on Detectify Blog.
Web Cache Entanglement β Novel Pathways to Poisoning
27 October 2020 at 16:07
Weβve previously covered his work concerning web cache poisoning and HTTP request smuggling which is intriguing for any software engineer to know about. This article will briefly highlight the main points about Web Cache Entanglement.
The post Web Cache Entanglement β Novel Pathways to Poisoning appeared first on Detectify Blog.
Detectify releases new and improved integrations
22 September 2020 at 11:41
The post Detectify releases new and improved integrations appeared first on Detectify Blog.
