For the best experience on desktop, install the Chrome extension to track your reading on news.ycombinator.com
Hacker Newsnew | past | comments | ask | show | jobs | submit | history | fromregister
Hacking CloudKit: How I accidentally deleted your Apple Shortcuts (detectify.com)
2 points by fanf2 on Sept 24, 2024 | past
Common Nginx misconfigurations that leave your web server open to attack (2020) (detectify.com)
14 points by fanf2 on May 28, 2024 | past
Account hijacking using “dirty dancing” in sign-in OAuth-flows (detectify.com)
1 point by caglarsayin on April 28, 2023 | past
Hacker School Reboot – insights from leading API hackers [video] (detectify.com)
1 point by Faskototo on Dec 26, 2022 | past
Nice explanation of exploiting OAuth flows (“dirty-dancing”) (detectify.com)
1 point by directionless on July 13, 2022 | past
Account hijacking using “dirty dancing” in sign-in OAuth-flows (detectify.com)
2 points by mooreds on July 7, 2022 | past
Looking for TLS private keys on Docker Hub (detectify.com)
2 points by Berg0X00 on June 17, 2022 | past
SSL certificates could be leaking company secrets (detectify.com)
4 points by Nallachi on Nov 12, 2021 | past | 1 comment
Types of Web Vulnerabilities That Are Often Missed (detectify.com)
2 points by sajjadium on Oct 5, 2021 | past
Hacking CloudKit: How I accidentally deleted your Apple shortcuts (detectify.com)
19 points by xhruso00 on Sept 13, 2021 | past | 2 comments
How to set up Docker for Varnish HTTP/2 request smuggling (detectify.com)
2 points by sharestuff on Aug 27, 2021 | past
How to Hack APIs in 2021 (detectify.com)
334 points by sharestuff on Aug 10, 2021 | past | 89 comments
What is a Prototype Pollution vulnerability and how does page-fetch help? (detectify.com)
1 point by mooreds on June 10, 2021 | past
CVE-2020-29653: Stealing Froxlor login credentials using dangling markup (detectify.com)
1 point by sharestuff on March 10, 2021 | past
Middleware, middleware everywhere – and lots of misconfigurations to fix (detectify.com)
2 points by zirak on Feb 26, 2021 | past
Common Nginx misconfigurations that leave your web server open to attack (detectify.com)
409 points by sshroot on Feb 25, 2021 | past | 58 comments
How I hijacked the top-level domain of a sovereign state (detectify.com)
295 points by Berg0X00 on Jan 15, 2021 | past | 62 comments
Tackling modern PHP bug classes (detectify.com)
2 points by sharestuff on Sept 17, 2020 | past
Do not dismiss the small vulnerabilities (2018) (detectify.com)
2 points by brlewis on June 16, 2020 | past
Go 1.12 runtime can cause OOM (Out of memory) error (detectify.com)
1 point by nexneo on Sept 16, 2019 | past
Thinking outside of the password manager box (detectify.com)
3 points by zulln on Feb 28, 2019 | past
I exploited TLS-SNI-01 issuing Let's Encrypt SSL-certs for any domain (2018) (detectify.com)
240 points by yread on Jan 28, 2019 | past | 77 comments
XSS using a bug in Safari and why blacklists are stupid (detectify.com)
2 points by SirOibaf on Oct 19, 2018 | past
XSS using quirky implementations of ACME http-01 (detectify.com)
2 points by hannob on Sept 8, 2018 | past
Scratching the surface of host headers in Safari (detectify.com)
1 point by zulln on April 9, 2018 | past
GraphQL abuse: Bypass account level permissions through parameter smuggling (detectify.com)
3 points by filleokus on March 15, 2018 | past
Using Google Analytics for data extraction (detectify.com)
1 point by 5706906c06c on Feb 1, 2018 | past
How I exploited TLS-SNI-01 to issue Let's Encrypt certs using shared hosting (detectify.com)
9 points by Titanous on Jan 12, 2018 | past | 2 comments
TrackMania – a Chrome plugin to stalk your friends on Tinder (detectify.com)
2 points by Serpentson on Oct 24, 2017 | past
The story of EV-SSL, AWS and trailing dot domains (detectify.com)
2 points by the_arun on Oct 24, 2017 | past | 1 comment

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search:

HN For You