Hi, I'm Raj Sheth
Cybersecurity student exploring web security, system behaviour, and practical security analysis.
I enjoy understanding how applications handle requests, how different attack patterns behave, and how small changes in traffic reveal important security insights. My work focuses on hands-on learning, clear documentation, and building a strong technical foundation.
Web Security & WAF
My core interest lies in analyzing web traffic, understanding attack patterns, and studying the behavior of Web Application Firewalls.
HTTP Request/Response Analysis
Dissecting traffic to understand how applications and attacks communicate.
WAF Fingerprinting
Using tools like WAFW00F to identify and study WAF presence and behavior.
Payload Pattern Analysis
Studying SQLi, XSS, and Traversal payloads to understand detection logic.
OWASP Top 10 Concepts
Applying theoretical knowledge in practical lab environments.
Featured Security Work
A selection of my hands-on lab work and security research in web security.
WAF Fingerprinting & Behaviour Analysis
Lab-based WAF fingerprinting using WAFW00F, observing response differences across request types to understand how WAFs classify traffic.
Web Server Enumeration & HTTP Analysis
Analyzing HTTP headers, status codes, and content types through request manipulation, directory discovery, and mapping server behaviour.
XODA File Upload Exploitation (Lab)
A controlled lab exercise on file upload exploitation, tracking request structures and detection patterns to identify indicators for signature logic.
Additional Projects
More of my work across different areas of cybersecurity.
Wireshark Packet Analysis
Packet-level inspection, protocol dissection, and network flow understanding using Wireshark. Shows investigative workflow for security analysts.
Password Cracking Basics
Hands-on practice with password hashes, cracking tools, and brute-force/wordlist attacks. Demonstrates methodology used in real assessment workflows.
Firewall Detection & IDS Evasion
Methods for identifying firewalls/IDS and adjusting scans to avoid detection. Includes timing, packet crafting, and stealth techniques.
Pen Testing with Metasploit (MSF)
Comprehensive workflow for Metasploit usage: modules, scanners, payloads, sessions, and exploitation flow.
Why I’m Interested in WAF & Signature Research
I enjoy understanding how attacks appear at the HTTP level, how small changes in requests affect detection logic, and how WAFs classify different patterns. Research-oriented work suits me because I like exploring behaviour step-by-step and documenting things clearly.
What I’m Currently Learning
WAF signature logic and rule design
Regex and input matching for security
Core Rule Set (CRS) behavior
Advanced HTTP header inspection
Live from GitHub
All project notes and walkthroughs load directly from my GitHub repositories. This approach ensures my portfolio is always up-to-date with my latest work and demonstrates my commitment to transparent, version-controlled documentation.
Explore on GitHub