<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Web Security on SOPHY'S CYBERLAB</title><link>https://xblankzgap.github.io/cyber-portfolio/tags/web-security/</link><description>Recent content in Web Security on SOPHY'S CYBERLAB</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sun, 05 Apr 2026 10:00:00 +0100</lastBuildDate><atom:link href="https://xblankzgap.github.io/cyber-portfolio/tags/web-security/index.xml" rel="self" type="application/rss+xml"/><item><title>Web-to-System Pivot via Command Injection</title><link>https://xblankzgap.github.io/cyber-portfolio/posts/web-to-system-pivot-reverse-shell/</link><pubDate>Tue, 30 Sep 2025 10:00:00 +0100</pubDate><guid>https://xblankzgap.github.io/cyber-portfolio/posts/web-to-system-pivot-reverse-shell/</guid><description>&lt;p>&lt;strong>Objective:&lt;/strong> To exploit a Command Injection vulnerability in a web application to bypass input filters and establish a persistent Remote Shell.&lt;/p></description></item><item><title>Session Hijacking via Automated Cookie Exfiltration</title><link>https://xblankzgap.github.io/cyber-portfolio/posts/session-hijacking-cookie-exfiltration/</link><pubDate>Sun, 05 Apr 2026 10:00:00 +0100</pubDate><guid>https://xblankzgap.github.io/cyber-portfolio/posts/session-hijacking-cookie-exfiltration/</guid><description>&lt;p>&lt;strong>Objective:&lt;/strong> To demonstrate the ease of unauthorized cookie acquisition and subsequent account compromise using browser-based exfiltration tools.&lt;/p></description></item><item><title>Insecure Direct Object Reference (IDOR) &amp; Path Traversal Discovery</title><link>https://xblankzgap.github.io/cyber-portfolio/posts/idor-path-traversal-discovery/</link><pubDate>Mon, 15 Dec 2025 10:00:00 +0100</pubDate><guid>https://xblankzgap.github.io/cyber-portfolio/posts/idor-path-traversal-discovery/</guid><description>&lt;p>&lt;strong>Objective:&lt;/strong> To identify and verify directory traversal vulnerabilities that allow unauthorized access to sensitive system files.&lt;/p></description></item></channel></rss>