November 2018

Abuse MITM possible regardless of HTTPS

Nov 29, 2018 By Linus Särud In Detectify

Almost ten years ago Firesheep made the news. Security people had known for years the danger of public WiFi-networks, but it was not until someone made a user-friendly Firefox extension out of the idea until it really got people’s attention. Since then a lot has happened to the web, so would something like that still be possible?

Read Post

Detectify

Read more about Abuse MITM possible regardless of HTTPS

Detectify security updates for 29 November

Nov 29, 2018 By Detectify In Detectify

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.

Read Post

Detectify

Read more about Detectify security updates for 29 November

Detectify for security teams

Nov 21, 2018 By Detectify In Detectify

Detectify is a web application and domain security tool that supports security teams in their day-to-day work. We work with 150+ handpicked ethical hackers to get access to vulnerabilities beyond the known CVE libraries that are not a sufficient test bed for modern application security.

View Video

Detectify

Read more about Detectify for security teams

Getting started with Detectify

Nov 13, 2018 By Detectify In Detectify

Detectify is an automated vulnerability scanner that helps you stay on top of threats by testing your web application for 1000+ vulnerabilities. Getting started with Detectify is easy - you can get up and running in a matter of minutes.

View Video

Detectify

Read more about Getting started with Detectify

Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Nov 13, 2018 By Detectify In Detectify

A recent vulnerability was sent in to Detectify Crowdsource regarding an unauthenticated remote code execution (RCE) in Oracle WebLogic Server. It is easily exploited and this video shows the proof of concept.

View Video

Detectify

Read more about Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2018

Abuse MITM possible regardless of HTTPS

Detectify security updates for 29 November

Detectify for security teams

Getting started with Detectify

Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Monthly Archive

Follow Us