HTTP Strict Transport Security

Did you know the HSTS header can be used as a tracking mechanism? Or that Firefox caps the number of stored HSTS entries at 1024? Starting with the very basics, this blog post will cover all of the above topics.

March 25, 2023 · 16 min · Konstantin

Burp Suite Certified Practitioner

I passed the Burp Suite Certified Practitioner exam on my third attempt and compiled my insights, so you can learn from my mistakes. This guide will help you pass the exam and get certified!

January 29, 2023 · 7 min · Konstantin

What I Learned About Mastodon

This short blog post gives an introduction to Mastodon. It discusses the basics of servers, mobile apps, federation, timelines and some social features.

December 30, 2022 · 3 min · Konstantin

Security of Diffie-Hellman-Merkle Key Exchange

This blog post discusses the security of the Diffie-Hellman-Merkle key exchange. It contains a bit of theory, takes a look at possible attack vectors and evaluates its implementation in SSH.

April 20, 2022 · 18 min · Konstantin

How to Set Up This Blog

This post explains how to extensively customize the layout and other components of a Hugo blog. It starts out with the basic setup and finishes with the final deployment.

September 6, 2021 · 17 min · Konstantin