Aug 6, 2019 | By Detectify
Good security starts with knowing your web assets. To enable transparency over your tech stack, we have released Asset Inventory, a new view that helps you prioritize security issues and collaborate across teams to stay on top of your web asset security. This release is the first step towards broader asset tracking functionality in Detectify.
Jul 31, 2019 | By Detectify
This is a guest blog post from Detectify Crowdsource hacker, Gwendal Le Coguic. This is a tutorial on how to bypass Cloudflare WAF with the origin server IP address.
Jul 23, 2019 | By Detectify
Paul is a front- & backend developer with a passion in security, who creates designs occasionally. After starting out with WordPress plugin vulnerabilities, he joined the bug bounty world and now also a white hat hacker in the Detectify Crowdsource community. As he has acquired his knowledge through community resources himself and wants to make the internet a safer place, he shares his know-how to give something back and in this case tips on WordPress plugin security.
Jul 19, 2019 | By Detectify
There are times where an attacker can hack a system and yet nothing is sent back, and this is classified as a blind vulnerability. This article will explain blind vulnerability detection and how Detectify’s scanner detects them: If we simplify web hacking, it usually means that an attacker is sending some data from their computer to a server, the server processes the data and then sends something back to the attacker.
Jul 18, 2019 | By Detectify
She’s the CISO of The Internet Foundation of Sweden (IIS) and one of 14 trusted individuals to hold a Key to the Internet, which means the DNSSEC key generation for the internet root zone. Anne-Marie Eklund Löwinder is also one of the few Swedes who have been inducted into the Internet Hall of Fame.
May 28, 2019 | By Detectify
This Meet the Hacker episode features Detectify Crowdsource hacker, Linus Särud aka @_zulln. He is a security researcher at Detectify and he specializes in finding web application vulnerabilities. Linus started hacking when he was in his early teens and found a bug in Google Translate.
Apr 11, 2019 | By Detectify
Detectify is a scalable web app security scanner that automates 1000+ security tests to help you release secure applications. With Detectify, you can test your code with real exploits to identify and fix vulnerabilities in both staging and production environments. The service is continually updated with new security tests thanks to Detectify Crowdsource, a global network of handpicked security researchers.
Mar 21, 2019 | By Detectify
Object-Graph Navigation Language (OGNL) is an expression language for handling Java objects. When an OGNL expression injection vulnerability is present, it is possible for the attacker to inject OGNL expressions. Many critical Apache Struts CVEs are the result of GNL expression injection. Watch our short attack demo video where we explain Apache Struts OGNL expression injection and how it works.
Jan 2, 2019 | By Detectify
Great to see you’re interested in using Detectify to check your web application security! Here is a video demo to walk you through the Detectify tool to get started, add a scan profile, integration options, profile settings and show you how each of our features work. This will also show you how to use the API.