Detectify on HN
47 posts with 1+ points since 2015
Hacker News Posts
| Title | Points | Comments | Date |
|---|---|---|---|
| LastPass autofill exploit | 1,008 | -- | 2016-07-27 |
| Common Nginx misconfigurations that leave your web server open to attack | 409 | -- | 2021-02-25 |
| Hacking Slack using postMessage and WebSocket-reconnect to steal your token | 343 | -- | 2017-03-01 |
| How to Hack APIs in 2021 | 334 | -- | 2021-08-10 |
| How I hijacked the top-level domain of a sovereign state | 295 | -- | 2021-01-15 |
| I exploited TLS-SNI-01 issuing Let's Encrypt SSL-certs for any domain (2018) | 240 | -- | 2019-01-28 |
| Popular Google Chrome extensions are constantly tracking you by default | 169 | -- | 2015-11-19 |
| How Patreon (probably) got hacked – Publicly exposed Werkzeug Debugger | 32 | -- | 2015-10-02 |
| Slack Bot Token Leakage Exposing Business Critical Information | 26 | -- | 2016-04-28 |
| Hacking CloudKit: How I accidentally deleted your Apple shortcuts | 19 | -- | 2021-09-13 |
| Common Nginx misconfigurations that leave your web server open to attack (2020) | 14 | -- | 2024-05-28 |
| How I disabled your Chrome security extensions | 7 | -- | 2015-08-03 |
| Building an XSS Polyglot Through SWF and CSP | 6 | -- | 2015-05-28 |
| Stealing files from web servers by exploiting a popular PDF generator | 6 | -- | 2015-03-25 |
| Using Google Cloud to Bypass NoScript | 5 | -- | 2015-06-30 |
| The story of EV-SSL, AWS and trailing dot domains | 5 | -- | 2016-10-06 |
| SSL certificates could be leaking company secrets | 4 | -- | 2021-11-12 |
| Thinking outside of the password manager box | 3 | -- | 2019-02-28 |
| GraphQL abuse: Bypass account level permissions through parameter smuggling | 3 | -- | 2018-03-15 |
| A deep dive into AWS S3 access controls – taking full control … | 3 | -- | 2017-07-13 |
| Do not dismiss the small vulnerabilities (2018) | 2 | -- | 2020-06-16 |
| Security is everyone’s business | 2 | -- | 2015-09-21 |
| Detectify:a vulnerability scanner built with and for modern technologies | 2 | -- | 2015-07-08 |
| Hacking CloudKit: How I accidentally deleted your Apple Shortcuts | 2 | -- | 2024-09-24 |
| Account hijacking using “dirty dancing” in sign-in OAuth-flows | 2 | -- | 2022-07-07 |
| Looking for TLS private keys on Docker Hub | 2 | -- | 2022-06-17 |
| Types of Web Vulnerabilities That Are Often Missed | 2 | -- | 2021-10-05 |
| How to set up Docker for Varnish HTTP/2 request smuggling | 2 | -- | 2021-08-27 |
| Middleware, middleware everywhere – and lots of misconfigurations to fix | 2 | -- | 2021-02-26 |
| Tackling modern PHP bug classes | 2 | -- | 2020-09-17 |
| XSS using a bug in Safari and why blacklists are stupid | 2 | -- | 2018-10-19 |
| XSS using quirky implementations of ACME http-01 | 2 | -- | 2018-09-08 |
| TrackMania – a Chrome plugin to stalk your friends on Tinder | 2 | -- | 2017-10-24 |
| The pitfalls of postMessage | 2 | -- | 2016-12-08 |
| What HPKP is but isn't | 2 | -- | 2016-07-05 |
| Hacker School Reboot – insights from leading API hackers [video] | 1 | -- | 2022-12-26 |
| Go 1.12 runtime can cause OOM (Out of memory) error | 1 | -- | 2019-09-16 |
| The 7 biggest web security news of 2015 | 1 | -- | 2015-12-17 |
| What is a Prototype Pollution vulnerability and how does page-fetch help? | 1 | -- | 2021-06-10 |
| CVE-2020-29653: Stealing Froxlor login credentials using dangling markup | 1 | -- | 2021-03-10 |
| Scratching the surface of host headers in Safari | 1 | -- | 2018-04-09 |
| Using Google Analytics for data extraction | 1 | -- | 2018-02-01 |
| Stored XSS-Ing Millions of Sites Through HTML Comment Box | 1 | -- | 2017-01-22 |
| CSP flaws: cookie fixation | 1 | -- | 2017-01-14 |
| Using Chrome's Web-Custom-data UTI to Inject a Stored XSS in Slack | 1 | -- | 2016-09-08 |
| Almost impossible Slack XSS | 1 | -- | 2016-09-02 |
| Check if you're affected by the Dell root CA scandal | 1 | -- | 2015-11-23 |