Shervoni

https://sh2rwx.github.io/ShervoniBlog, CTFs, Write ups, Projects 2026-01-02T10:08:50+00:00 Shervoni https://sh2rwx.github.io/ Jekyll © 2026 Shervoni /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png TCM SOC 101 - Notes2024-12-20T00:00:00+00:00 2024-12-20T00:00:00+00:00 https://sh2rwx.github.io/posts/TCM-SOC-101-Notes/ Shervoni

Part 1 - SOC Fundamentals Context: This section covers the foundational concepts of Security Operations Centers (SOCs). Understanding these basics is essential for anyone entering cybersecurity operations, as it explains how organizations centralize their security monitoring and response capabilities. SOC (Security Operations Center) - A centralized unit that monitors, detects, and responds to...

Access Control Vulnerabilities2024-12-05T00:00:00+00:00 2024-12-07T16:21:28+00:00 https://sh2rwx.github.io/posts/access-control-vulnerabilities/ Shervoni

Understanding Access Control Vulnerabilities Access control vulnerabilities occur when a web application fails to enforce proper restrictions on user actions or resources. This enables attackers to escalate privileges, access unauthorized data, or misuse sensitive functionality. These flaws are often critical and easy to exploit, making them a high-priority focus in security assessments. Vert...

Access Control Cheatsheet2024-12-05T00:00:00+00:00 2025-12-13T07:06:06+00:00 https://sh2rwx.github.io/posts/access-control-vulnerabilities-cheatsheet/ Shervoni

Access Control Vulnerabilities Summary and Testing Guide What Are Access Control Vulnerabilities? Access control vulnerabilities occur when an application does not properly restrict users’ access to actions or data. This allows unauthorized users to: Perform admin-only functions (vertical privilege escalation). Access other users’ data or resources (horizontal privilege escalation). Exp...

Information Disclosure Vulnerabilities2024-11-19T00:00:00+00:00 2024-11-19T00:00:00+00:00 https://sh2rwx.github.io/posts/information-disclosure/ Shervoni

What is Information Disclosure? Information disclosure, also known as information leakage, occurs when a website unintentionally reveals sensitive information to its users. Depending on the context, websites may leak all kinds of information to a potential attacker, including: Data about other users, such as usernames or financial information Sensitive commercial or business data Techn...

Path Traversal Vulnerabilities: Cheatsheet2024-11-15T00:00:00+00:00 2025-12-13T07:06:23+00:00 https://sh2rwx.github.io/posts/path-traversal-vulnerabilitys-cheatsheet/ Shervoni

When testing for path traversal vulnerabilities, look for every potential entry points. Path Traversal Testing Cheatsheet Check for endpoints with file operations (e.g., load, file, path, image, download). Test common file parameters like file=, path=, dir=, image=. Modify URL paths to include traversal sequences (e.g., ../, ..\, ../../file.txt). Test static resources or templates (e...