A few days ago, I came across the Apache Httpd Security Page and read about a XSS issue in mod_proxy. I couldn't find a Proof-of-Concept right away, so I
Sometimes I hear that network address translation (NAT) is considered a security feature. Unforunately, this is not necessarily true and I will try to demonstrate why with a practical example:
Git comes with a "git daemon" command that allows to easily provide access to a
repository so that it can be cloned with git clone git://host/repo.git. In
I recently came across a situation where I had to download my SSH public key
over the internet, but without common tools like netcat or a webserver.
Therefore, I decided
The blogpost is a follow-up to my last post about the "Jins2 Template Injection RCE" in the iCTF 2017 "flasking unicorns" service. This time it is about bypassing blacklist filtering