Skip to content
No results
  • Main Blog
  • Offensive Security
  • Ops and Dev
    • SCOM
    • Web Dev
  • Other
    • SEO
  • About
scomurr.com logo banner

Play for serendipity...

  • Main Blog
  • Offensive Security
  • Ops and Dev
    • SCOM
    • Web Dev
  • Other
    • SEO
  • About
scomurr.com minimal logo

Play for serendipity...

cloudflare tunnel for on-prem
  • Automation, Security

Cloudflare Tunnel Setup for On-Prem Hosting

This is the first in a series of blog posts outlining how I have my lab configured for the purposes of leveraging on-prem resources (included AI models) from the public Internet. A core piece of technology I use for stitching…

  • scomurr
  • 08/31/2025
ssti lab 7 - featured image
  • SSTI, Security, Web Attacks

SSTI – Server-side template injection with a custom exploit

This one was definitely a step up in complexity. This is the 7th (and final as of Feb 2025) Server-Side Template Injection lab available on the PortSwigger Web Security Academy. I really enjoyed the series and intend on doing additional…

  • scomurr
  • 03/11/2025
ssti lab 6 - featured image
  • SSTI, Security, Web Attacks

SSTI – Server-side template injection in a sandboxed environment

Continuing the series on Server-Side Template Injection (SSTI) based on the PortSwigger Web Security Academy labs. This is the 6th in the series and we’re stepping up to an expert level lab. We’ve moved past rudimentary injection attacks and moved…

  • scomurr
  • 03/04/2025
ssti lab 5 featured image
  • SSTI, Security, Web Attacks

SSTI – Server-side template injection with information disclosure via user-supplied objects

This is the write up for the PortSwigger Web Security Academy 5th lab in the series for Server-Side Template Injection (SSTI). This one is definitely a step up in complexity. This goes beyond identifying the location for the injection and…

  • scomurr
  • 02/25/2025
monkey riding a bike - ssti lab 4 - featured image
  • SSTI, Security, Web Attacks

SSTI – Server-side template injection in an unknown language with a documented exploit

This is the fourth lab from the PortSwigger Web Security Academy on SSTI or Server Side Template Injection. This lab solves in almost exactly the same way as the previous labs – it’s a matter of finding where the vulnerability…

  • scomurr
  • 02/20/2025
1 2 3 4 … 19
Next
  • cloudflare tunnel for on-prem
    Cloudflare Tunnel Setup for On-Prem Hosting08/31/2025
  • ssti lab 7 - featured image
    SSTI – Server-side template injection with a custom exploit03/11/2025
  • ssti lab 6 - featured image
    SSTI – Server-side template injection in a sandboxed environment03/04/2025
  • ssti lab 5 featured image
    SSTI – Server-side template injection with information disclosure via user-supplied objects02/25/2025
  • monkey riding a bike - ssti lab 4 - featured image
    SSTI – Server-side template injection in an unknown language with a documented exploit02/20/2025

Scomurr.com is partially supported by readers like you. When you purchase products or services through our affiliate links, we may receive a commission. This will bring no extra costs to you and helps us to keep on creating content.

Legal

  • Terms and Conditions
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
  • DMCA
  • GDPR
  • Disclaimer

My Favorites

  • VistaSocial
  • NeuronWriter
  • Canva

Socials

Copyright © 2025 - WordPress Theme by CreativeThemes