About me

My name is Valentin Höbel (Hoebel) and I am living in Munich, Germany. I am mainly focused on virtualization (especially Xen), IT-Security, Linux and common services (like LDAP, DNS, DHCP or DRBD). In my spare time I do some security research, consume Scifi stuff and hang out with my friends. Like all real geeks I love watching movies alot.

In addition I try to contribute to the open source community by publishing own tools, submitting bug reports, participating in discussions (e.g. the latest WHOIS protocol debate), writing tutorials, translating documents from English to German and vice versa (e.g. for the Xen community) and help out in various message boars. I am always willing to learn, but at the same time want to share the little knowledge I already gained.

This blog was created for sharing the stuff I have in mind, but most of the blog entries will be about IT security or vulnerabilities I discovered. Please feel free to contact me if you have any feedback, questions or simply want to drop a short notice.

Please notice that no blog entry is published in order to cause any damage or to motivate people harming something/someone. I believe in the fact that information should be free and shared among each other. It is not my responsibility if someone abuses the knowledge which can be found here. Please always respect and know your local laws.

The blog was created for educational purposes only, e.g. for helping you how to do penetration testing on web apps. If there is any legal issue you need to solve, please contact me first before suing me. Thanks.

For software vendors
If you are a software vendor (web-apps, extensions for CMS, websites) and need help on pen-testing your own website you may contact me at any time. If I have time I am willing to be a helping hand! I do this for free since I believe in having a certain responsibility. It is always great when security enthusiasts not only publish vulnerabilities but also help the vendors to fix them.

If I discovered a vulnerability in your software and you want to drop me an email because of complaining or needing help I will take the time to respond to your request.

About using the Glider
As you might have noticed, I am using the Glider. Although I am not a hacker, I am associating myself with the hacker culture. Today, the media often claims that hackers are destructive beings. Please notice that this is not something I am referring to when I use the term hacker.

Hackers are per definition creative beings, being able to learn and understand new things within a short amount of time. In many cases hackers are very intelligent and a little bit freaky at the same time. Nevertheless, today many popular open source products are based on the work of hackers. Without hackers, the Internet and IT-world itself wouln’t be the same place. That is why I am associating myself with this culture.

When the media calls someone a “hacker”, they often want to describe a human being breaking into a computer system and leaving a mess behind. This is not what I consider as a hacker, and the hacker culture often does not support the actions of single individuals who can be called “crackers”.

I myself disapprove any action which can be considered as destructive behavior, like defacing websites or stealing the personal data from human beings.

You need help with your open source project?
I am a huge fan of open source and am always willing to participate in various projects. If you need some help with your project and think that I might prove helpful, please let me know. In most cases I help with:

  • providing documentation (e.g. writing man pages, FAQs, moderating forums, writing for a wiki)
  • fixing bugs (Python, Perl, bash, little C/C++)
  • providing ideas for new features or how to solve a specific problem
  • designing the interface of web applications (XHTML, CSS, PHP, MySQL, JavaScript)
  • building websites of open source projects
  • donating small amounts of money
  • providing a hosting infrastructure for open source project
  • knowledge transfer
  • writing tutorials for applications
  • writing articles and therefore help promoting specific projects
  • community management
  • server administration
  • database design (MySQL, Postgres)
  • security tests (e.g. pentesting web applications)
  • publishing blog entries on xenuser.org in order to promote your project

Simply contact me via valentin [at] xenuser [dot] org if you need someone reliable! :)