Welcome to THLAB
After years of building security tools, breaking WAFs, and engineering defense systems, I decided it was time to start writing things down.
This blog is a space for three things:
-
Security Research - Real findings, real analysis, no fluff. From WAF bypass techniques to API vulnerability patterns.
-
Technical Deep Dives - Architecture decisions, tool reviews, and the engineering behind security products.
-
Honest Reflections - The parts of the job that don’t make it into CVEs or conference talks.
Why “THLAB”?
It’s a lab. A place to experiment, document, and share. Not a polished marketing site - a working space where ideas get tested and findings get published.
What’s Next
Expect posts on WAF auditing frameworks, API security patterns, bot protection strategies, and the occasional opinion piece on where application security is heading.
Stay tuned.