CVE Crowd: Conditions for Posts to Be Listed

This blog post goes into detail what conditions accounts and posts have to fulfill to be listed on CVE Crowd.

December 22, 2023 · 5 min · Konstantin

CVSS v4.0 Public Preview

CVSS v4.0 will be published on October 1, 2023, with major changes compared to CVSS v3.1. This blog posts discusses these changes in detail and provides example vulnerabilities to clarify the new concepts.

August 13, 2023 · 7 min · Konstantin

Prompt Injection

This blog post covers the basics of prompt injection and provides you with some common techniques to reveal the system prompt.

July 17, 2023 · 9 min · Konstantin

Brute-Forcing One-Time Passwords

One-time passwords are much more likely to be guessed than you think. This blog post discusses the probability of brute-forcing them, how to do it effectively and how to defend against attacks.

June 18, 2023 · 6 min · Konstantin

JavaScript Analysis for Pentesters

Pentesting web applications thoroughly requires you to analyze their JavaScript. I’ve summarized my knowledge from 5 years of pentests into this blog post.

May 18, 2023 · 23 min · Konstantin