About
Hi, I’m Shivansh.
I’m a cybersecurity enthusiast focused on web application security, penetration testing, and vulnerability research. This blog is where I document my learning journey through hands-on labs, security challenges, and practical exploitation techniques.
My work includes testing and researching:
- Web Application Security
- API Security
- Authentication & Access Control
- IDOR Vulnerabilities
- SSRF
- GraphQL Security
- Business Logic Vulnerabilities
- Security Misconfigurations
- Reconnaissance & Enumeration
I also explore:
- Server exploitation
- CTF writeups
- TryHackMe labs
- Real-world inspired attack scenarios
- Post-exploitation concepts
Most of the content published here is based on practical labs, custom testing environments, and challenge-based learning platforms.
What You’ll Find Here
- Detailed vulnerability writeups
- Step-by-step exploitation walkthroughs
- API testing techniques
- Web security research
- Recon methodologies
- Notes from labs and CTFs
- Security tooling experiments
Platforms & Practice
Some of the platforms and environments I use include:
- BugForge
- TryHackMe
- Custom lab environments
- CTF challenges
- OWASP practice labs
Goal
The goal of this blog is to continuously improve my offensive security skills, document technical findings clearly, and build a structured knowledge base around practical cybersecurity testing.
All testing and exploitation demonstrated on this blog are performed in authorized lab or training environments.