Skip to main content

One post tagged with "cybersecurity"

View All Tags

CTF as a developer (Pt. 1): Template engines & SSTI

· 8 min read
Abdeldjalil Fortas
A part-time Karantika lover

Being a software developer is a responsibility, it’s a job where we provide secure and stable services and infrastructure to users who trust us (or trust regulations that ensure we are trustworthy).

To learn more about cybersecurity principles, and why some “best practices” matter, I decided to play some CTF challenges instead of only relying on reading articles and scrolling into OWASP top 10’s documentation.

My beginning was with HackTheBox. For some reason, some of the challenges I did had Server-side Template Injection (SSTI) vulnerabilities which I’m starting this blog series with.