Sven – WindowsTechs.com

Web application discovery: Can there be virtual hosts configured even when there is a response without host header?

Posted on September 24, 2022 by Sven

I’m currently learning how to discover web applications running on a machine using port scanning, vhost bruteforcing and directory fuzzing. When it comes to port scanning, there is one thing I can’t wrap my head around.
Let’s say I have sc… Continue reading Web application discovery: Can there be virtual hosts configured even when there is a response without host header?→

Server Side Template Injection (SSTI): Difference between plaintext context and code context?

Posted on September 14, 2022 by Sven

I am learning pentesting, currently studying Server Side Template Injection. I understood there are two types of SSTI – plaintext context and code context – but struggle to understand what exactly is the practical difference between them.
… Continue reading Server Side Template Injection (SSTI): Difference between plaintext context and code context?→

Learning path to more advanced security knowledge? (security in OS-context mostly) [on hold]

Posted on August 13, 2019 by Sven

Some background:
I obtained an Msc degree in scientific computing 7 years ago.
Since then I’ve been working in government IT as an IT / business analist.
My exposure to enterprise IT is mostly conceptual from discussions with… Continue reading Learning path to more advanced security knowledge? (security in OS-context mostly) [on hold]→