From 84a7d7bda93a29d7f536abc29e96e7aa2e5cee89 Mon Sep 17 00:00:00 2001
From: wstgbot <62450690+wstgbot@users.noreply.github.com>
Date: Fri, 28 Nov 2025 11:04:47 +0000
Subject: [PATCH] Publish Latest 2025-11-28

Updates based on OWASP/wstg@6af9a59
---
 .../01-Information_Gathering/02-Fingerprint_Web_Server.md       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/latest/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md b/latest/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md
index ee7e6d1..d4304cd 100644
--- a/latest/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md
+++ b/latest/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server.md
@@ -109,7 +109,7 @@ Testers can use this information to guess that the obscured server is nginx. How
 
 Web servers may be identified by examining their error responses, and in the cases where they have not been customized, their default error pages. One way to compel a server to present these is by sending intentionally incorrect or malformed requests.
 
-For example, here is the response to a request for the non-existent method `SANTA CLAUS` from an Apache server.
+For example, here is the response to a request for the non-existent HTTP version `SANTA CLAUS` from an Apache server.
 
 ```sh
 GET / SANTA CLAUS/1.1