About

I’m Davit Vardapetyan - an information security enthusiast from Armenia with a strong focus on web technologies and practical penetration testing. I’m most interested in how modern web apps are actually built and where they break; authentication and authorization, session handling, APIs, client/server boundaries, and the small implemenation details that turn into real vulnerabilities.

This blog is my working notebook. I document labs, write-ups, and lessons learned while improving my web security skills - from understanding core web concepts to testing real-world application behavior. My goal is to write in a way that’s clear, repeatable, and useful: what I tested, what I expected, what happened, and what I’d do differently next time.

Occasionally, I step away from the screen to write about travel, cars, and other interests beyond tech. But the theme stays the same: curiosity, discipline, and consistent progress over time.

If you’re learning too: take what helps, verify everything in your own environment, and build your understanding one layer at a time.

Thanks for visiting and taking the time to read - I really appreciate it. Shorhakalutyun 🙏