varshan-4068/README.md

$ whoami

Web application pentester who finds what scanners miss. I dig into authentication flows, business logic, and API trust boundaries — the places where real vulnerabilities hide.

I don't stop at the CVE. I trace the full impact, build the PoCs, and document what it takes to fix it right.

$ cat interests.conf

web_app_pentesting:
  - Recon, subdomain enumeration & attack surface mapping
  - Authentication & authorization bypass (OAuth, JWT)
  - Injection attacks: SQLi, XXE, SSTI, Command injection
  - Business logic & access control vulnerabilities
  - Client-side attacks: XSS, CSRF, Clickjacking, CORS abuse
  - API security testing: REST, GraphQL, WebSockets
  - Source-assisted code review & vulnerability chaining
  - Tools Used: FFuF, Burp Suite, Gobuster, John the Ripper

$ ls -la tools/

Languages

Web Application Pentesting

Environment

$ cat github_stats.log

$ ping -c 1 contact

        



// The best defense is built on a complete understanding of the offense.

Pinned

  1. HackBG (Public)

    Ethical Hacker's Beginner-Friendly TUI-Based Hyprland Setup With a Bunch of Customisations

    Shell 1

  2. arcsec-tool (Public)

    A tool made to check security levels such as firewalls, updates and critical SSH issues

    Shell