#web Articles


Ostorlab
Improved Attack Surface Discovery, Mobile and Web Security Scanning
Thu 18 August 2022

Largest release with improvements to Attack Surface, Open-Source, Mobile and Web scanning and much much more.

Mobile Applications
How did we react to Log4j vulnerability? Read our analysis for mobile applications.
Mon 20 December 2021

What is the impact of Log4j vulnerability on mobile applications

Newsletter
Ostorlab Nuggets in June issue 5
Thu 27 May 2021

Health Tech, Compromises and attacks, Instrumentation, Black Hat conferences, eBPF and moreā€¦.

Security
Ostorlab detects Dependency Confusion
Wed 03 March 2021

Dependency Confusion is a new attack with high severity impact. This article is an overview of the vulnerability as well as other supply chain attacks.

Web
Finding superhuman XSS polyglot payloads with Genetic Algorithms
Mon 01 March 2021

The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.

Ostorlab
Ostorlab adds Web Security Scanning to its arsenal
Mon 15 February 2021

Ostorlab is adding Web Security Scanner to its arsenal with novel approaches to vulnerability discovery.

Pentest
Security, what opportunities and challenges for 2019?
Mon 07 January 2019

Use the start of the year to contemplate how the previous year went, and prepare for the upcoming is an important exercise to put things into perspective and reevaluate some of our choices.

Web
DOM XSS Fuzzing strategies - Part 1
Sat 22 December 2018
By ASM

XSS are still by far the most common tyope of vulnerabilities, this article presents strategies to automate the search for XSSes.

Ostorlab
New Features and Roadmap
Thu 20 September 2018

The last few months, Ostorlab team has been hard at work adding exciting new features. Some of these have already hit production, or will do so in the upcoming weeks and months.

Pentest
What every pentesters should learn in 2016
Sat 02 January 2016

The last years have come with meaningful changes in the way IT professionals operate and the way we approach security...