Server-Side Template Injection (SSTI) — Explained Simply
Quick and hands-on walkthrough of an SSTI (Server-Side Template Injection) vulnerability using a PicoCTF challenge. No boring theory dumps — just straight...
Posts by Year
2025
2024
How to Use an AWS EC2 Server as a Proxy with SSH Tunneling
Using an AWS EC2 server as a proxy can be a powerful tool for various tasks such as accessing restricted content, enhancing security, or managing multipl...
2022
I am CompTIA Security+ Certified!
This exam was a fantastic learning experience, so I’m quite pleased with myself for taking it.
How I Reported a Vulnerability to My School’s Management Service Provider
This blog demonstrates how a weak authentication response and a lack of complexity in passwords can result in Authentication Bypass. Disclaimer This blo...
GoogleCTF: Vienna-Chemical-Plant (rev)
This is the GoogleCTF: Beginners’ Quest writeup/walkthrough. “Vienna-Chemical Plant” is the name of the first task.
Exposing local networks to the Internet.
We’ll talk about how to make your local network services public today (internet). There are several methods for doing so, including port forwarding, router c...