Reversing the CVE-2022-26135 update for fun and PoC

Analyzing and exploiting an SSRF vulnerability in Atlassian Jira

How can the server-side request forgery (SSRF) vulnerability in Atlassian Jira be exploited? What indicators are present after a successful exploitation? How was the vulnerability fixed?

Subdomain takeover at

Reporting another subdomain takeover vulnerability

When I was first scanning for abandoned CNAME entries and found subdomains of which could have easily been taken over, I also found a vulnerable subdomain at The backstory is the same as in that other post so I won’t repeat it here.

Subdomain takeover at

Finding and reporting a subdomain takeover vulnerability

Being inspired by Patrik Hudak accomplishing a subdomain takeover at I decided to scan for some abandoned DNS records. From a different project I still had a script ready to search for a target domains subdomains on and extended that to find subdomains with non-resolvable CNAME records.

Windows Server 2019 Proxmox Template

Creating and deploying a Windows Server 2019 template on Proxmox

This post is about creating a template for Windows Server 2019 on Proxmox, selecting some default settings and deploying a first VM from that template.

Acme-dns on CentOS 7

Setting up acme-dns on CentOS 7 and configuring a client

In this post an acme-dns server will be set up and a client will acquire a Let’s Encrypt certificate using the DNS-01 challenge.

Page 1 of 2