Skip to content
View SrishtiCode's full-sized avatar
🎯
Focusing
🎯
Focusing
3 followers · 8 following

Block or report SrishtiCode

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
SrishtiCode/README.md

Srishti Rathi

Cybersecurity Researcher | VAPT Specialist | Threat Intelligence Analyst | Malware Investigator

LinkedIn Portfolio TryHackMe Email

profile views

About Me

class CybersecurityResearcher:
    def __init__(self):
        self.name = "Srishti Rathi"
        self.role = "Security Researcher & Penetration Tester"
        self.education = "B.Tech. Computer Engineering | J.C. Bose University"
        self.specializations = [
            "Vulnerability Assessment & Penetration Testing",
            "Threat Intelligence & OSINT",
            "Malware Analysis & Reverse Engineering",
            "Application Security Testing",
            "IOC Analysis & Threat Hunting"
        ]
        self.current_status = "🔴 Open to Security Research & VAPT Opportunities"
    
    def get_expertise(self):
        return {
            "Penetration Testing": ["Web App Testing", "API Security", "Network Pentesting", "OWASP Top 10"],
            "Threat Intelligence": ["OSINT", "IOC Analysis", "Threat Actor Profiling", "Dark Web Research"],
            "Malware Analysis": ["Static Analysis", "Dynamic Analysis", "Behavioral Analysis", "Reverse Engineering"],
            "Security Tools": ["Burp Suite", "Metasploit", "Nmap", "Wireshark", "IDA Pro", "Ghidra"],
            "Programming": ["Python", "Bash", "PowerShell", "Assembly (x86/x64)"]
        }

🏆 Smart India Hackathon Winner | 🎖️ Top 1% TryHackMe | 🐞 Active Bug Bounty Hunter | 🔬 Malware Researcher

Professional Experience

Independent Security Researcher

July 2025 – Present

Vulnerability Assessment & Penetration Testing:
  - Web application security assessments (OWASP & PTES methodologies)
  - API security testing and GraphQL DoS vulnerability research
  - IDOR, XSS, SQLi, and business logic flaw identification
  - Network penetration testing and privilege escalation
  - Responsible disclosure to multiple organizations

Threat Intelligence Operations:
  - Threat actor TTPs analysis and campaign tracking
  - IOC extraction, correlation, and threat hunting
  - Surface and deep web OSINT investigations
  - Forum and marketplace monitoring for emerging threats
  - Intelligence report writing and RFI responses

Malware Analysis Projects:
  - Static and dynamic malware analysis
  - Reverse engineering of suspicious binaries
  - Behavioral analysis and sandbox testing
  - IOC extraction and YARA rule development
  - Malware family identification and classification

Technical Arsenal

Penetration Testing & VAPT

Burp Suite Metasploit Nmap Wireshark OWASP ZAP

Malware Analysis & Reverse Engineering

IDA Pro Ghidra x64dbg Cuckoo

Threat Intelligence & OSINT

Python Maltego TheHive MISP

Programming & Scripting

Python Bash PowerShell C/C++

Platforms & Frameworks

Linux Docker Git Django

Certifications & Achievements

TryHackMe

Top 1% Globally
Jr. Penetration Tester

SIH Winner

Smart India Hackathon
Government Recognition

Cisco Certified

Junior Cybersecurity Analyst
Networking Basics

Bug Bounty

Active Researcher
Multiple Valid Reports

Core Competencies

Penetration Testing Threat Intelligence Malware Analysis
✅ Web App VAPT ✅ OSINT Research ✅ Static Analysis
✅ API Security Testing ✅ Threat Actor Profiling ✅ Dynamic Analysis
✅ Network Pentesting ✅ IOC Collection & Analysis ✅ Reverse Engineering
✅ Exploit Development ✅ Dark Web Monitoring ✅ Behavioral Analysis
✅ Security Auditing ✅ Intelligence Reporting ✅ YARA Rule Writing
✅ Vulnerability Research ✅ Threat Hunting ✅ Malware Classification

📝 Latest Research & Write-ups

  • GraphQL Security Deep Dive: Complexity-Based DoS Vulnerabilities
  • Analyzing Modern Malware Families: TTPs and Detection Strategies
  • OSINT Techniques for Cyber Threat Intelligence: A Practical Guide
  • From Reconnaissance to Exploitation: A Web App VAPT Case Study
  • APT Campaign Analysis: IOC Correlation and Attribution Methods
  • Building a Home Malware Analysis Lab: Tools and Best Practices

Read more on my portfolio

Featured Projects

Vulnerability Research

  • GraphQL DoS Research: Discovered and documented complexity-based denial of service vulnerabilities
  • IDOR Detection Framework: Automated tool for identifying insecure direct object references
  • API Security Scanner: Custom Python tool for REST API security assessment

Malware Analysis

  • Ransomware Behavior Analysis: Detailed analysis of modern ransomware families
  • IOC Extraction Pipeline: Automated malware analysis and indicator extraction
  • YARA Rule Repository: Custom detection rules for emerging threats

Threat Intelligence

  • Dark Web Monitoring Tool: Automated forum and marketplace surveillance
  • Threat Actor Database: Comprehensive tracking of APT groups and campaigns
  • OSINT Automation Framework: Python-based intelligence gathering toolkit

Security Testing Methodology

graph LR
    A[Reconnaissance] --> B[Scanning & Enumeration]
    B --> C[Vulnerability Assessment]
    C --> D[Exploitation]
    D --> E[Post-Exploitation]
    E --> F[Reporting]
    F --> G[Remediation Support]
Loading

Frameworks: OWASP, PTES, NIST, MITRE ATT&CK, Kill Chain

GitHub Stats

GitHub Stats

Top Languages

Let's Collaborate

const contact = {
    name: "Srishti Rathi",
    email: "rathisrishti@gmail.com",
    linkedin: "Srishti Rathi",
    portfolio: "srishticode.github.io",
    location: "Delhi, India",
    status: "🟢 Available for Security Research & VAPT Opportunities",
    
    interests: [
        "Vulnerability Assessment & Penetration Testing",
        "Web Application Security",
        "Malware Analysis & Reverse Engineering",
        "Cyber Threat Intelligence",
        "OSINT Investigations",
        "Incident Response",
        "Security Tool Development"
    ],
    
    open_to: [
        "VAPT Internships/Full-time Roles",
        "Threat Intelligence Positions",
        "Malware Analysis Opportunities",
        "Security Research Collaborations",
        "Bug Bounty Programs",
        "Open Source Security Projects"
    ]
};

console.log("Ready to secure the digital world! ");

Open to collaboration on security research projects!

LinkedIn Email Portfolio

"Security is not a product, but a process" - Bruce Schneier

From SrishtiCode | Passionate about breaking things to make them stronger

Pinned Loading

  1. Threat-intel-platform Threat-intel-platform Public

    Threat Intelligence Platform is a Python-based project aimed at automating the collection, correlation, and visualization of cyber threat data from various open sources (OSINT). It’s designed to he…

    Python

  2. Vulnerability-Scanner Vulnerability-Scanner Public

    Vulnerability Scanner is a Bash-based automated reconnaissance and vulnerability scanning tool designed for penetration testers and cybersecurity professionals. It allows users to perform fast and …

    Shell 1

  3. Threat-Detection Threat-Detection Public

    Threat Detection is a real-time AI-powered system that detects harmful weapons like guns and knives using the YOLOv5 object detection model. Designed to enhance public and private security, the sys…

    Jupyter Notebook

  4. Sign-Language-Project Sign-Language-Project Public

    It is a project made in python using Google mediapipe library. It can recognize the pose you are making up with your hand.

    Python 2

  5. SrishtiCode.github.io SrishtiCode.github.io Public

    My portforlio website.

    HTML

  6. Tryhackme Tryhackme Public

    Master cybersecurity skills with this TryHackMe free path, includes a collection of my write-ups, solutions and progress tracking.