Articles


Security
Ostorlab detects Dependency Confusion
Wed 03 March 2021

Dependency Confusion is a new attack with high severity impact. This article is an overview of the vulnerability as well as other supply chain attacks.

Web
Finding superhuman XSS polyglot payloads with Genetic Algorithms
Mon 01 March 2021

The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.

News
News and Updates of Week 8
Sun 28 February 2021

This weeks is marked by multiple high profile data breaches affecting Cashalo, Npower, Kia, T-Mobile and Clubhouse.

Ostorlab
Ostorlab adds Web Security Scanning to its arsenal
Mon 15 February 2021

Ostorlab is adding Web Security Scanner to its arsenal with novel approaches to vulnerability discovery.

Ostorlab
Release of a new analysis environment to aid manual assessment
Mon 11 January 2021

New Analysis Environment with access to disassembly, decompiled source, call trace, function tagging and many other features.

Mobile
Finding and Validating Hardcoded Keys and Secrets
Fri 30 October 2020

Hardcoded secrets are easy to find and might open a gate to sensitive data or privileged access. This makes them a great target for Bug Bounty hunters and Attackers.

Autonomous Security
Autonomous Security: Pushing Security Automation to the Next Level
Mon 26 October 2020

The article introduces the term Autonomous Security in the context of security scanning and defines 5 tiers of maturity.

Ostorlab
Two efficient features to continuously monitor mobile applications
Sat 24 October 2020

Whether we are developing a mobile application or assessing its security, we need to continuously review it with every new release. Repetitively building the app, uploading the file, and creating a scan quickly becomes an annoyance. Ostorlab is excited to announce the introduction of two new features to ease the burden of testing your app.

Ostorlab
Create scans directly from the Android and iOS Store
Sun 16 August 2020

Ostorlab now supports creating scans directly from Android Play Store and iOS App Store