Security Research & Engineering
Web AppSec Engineer
Applied research in web application security. Vulnerabilities, hands-on labs, CTFs, applied cryptography, and secure development — documented with technical precision.
This space compiles studies, technical notes, and labs on web application security. The content ranges from classic vulnerabilities like XSS and SQL Injection to advanced analysis and exploitation techniques. The goal is to document the learning process in a structured way — like a security engineering grimoire, built layer by layer.
Recent Posts
Understand what XSS is, how it works in practice, its real-world impact, and how to write code that is not vulnerable to this type of attack.
When a malicious site makes your browser act against you.
A straightforward guide to SQL Injection — how the vulnerability works, practical exploitation examples, and defenses that actually work.