Srishti Rathi

Cybersecurity Researcher | VAPT Specialist | Bug Bounty Hunter

Open to Security Research & VAPT Opportunities

What Psychology of Intelligence Analysis Taught Me About Thinking

In this post, I share my key learnings from Psychology of Intelligence Analysis by Richards J. Heuer Jr. The book shifts the focus from collecting more information to improving how analysts think.

Intelligence Analysis | Critical Thinking | Analyst Mindset

Projects

VAPT Automation Tool

Vulnerability Scanner is a powerful Bash-based automation tool crafted for penetration testers and cybersecurity professionals. It combines intelligence gathering, brute-force testing, and exploit analysis into one streamlined command-line utility. Whether you're conducting a basic recon or an in-depth assessment, this tool helps identify weak spots in a network environment effectively.

Bash | Security | Networking | Recon

WP-OWASP-CTF

Dockerized WordPress CTF lab covering 5 OWASP-style challenges (IDOR, SQLi, Path Traversal, Authentication Bypass, CSRF). Designed for CTFd integration (per-instance flags via CTF_FLAG) and safe local testing.

CTF | Docker | OWASP

Threat Detection System

Threat Detection is a real-time weapon detection system that uses deep learning to identify harmful weapons such as guns and knives in live video streams. Powered by the YOLOv5 model, this system is built for proactive security surveillance, reducing the need for manual monitoring and improving response time to potential threats.

YOLOv5 | Python | OpenCV

Sign-Language-Project

A project written in Python using Google's MediaPipe library. It recognizes the pose you are making with your hand (hand pose estimation using the Python version of MediaPipe). If you have any problem running the code, make sure the libraries the project requires are installed.

Python | OpenCV | Google Mediapipe

Threat Intelligence Platform

A cyber threat intelligence platform focused on OSINT-driven threat analysis and reporting. The platform aggregates open-source intelligence related to threat actors, vulnerabilities, and malicious infrastructure, enabling structured research and contextual intelligence reporting. Designed to support analyst workflows, RFI-style investigations, and intelligence documentation.

Cyber Threat Intelligence | OSINT | Python | Automation | Security Research

Research & Threat Intelligence

OSINT Threat Intelligence Report — LockBit Ransomware

A structured OSINT case study analyzing LockBit ransomware’s operations, TTPs, and defensive recommendations.

OSINT | Threat Intel | MITRE ATT&CK | Ransomware

MITRE ATT&CK Navigator Layer — LockBit

Visual mapping of LockBit ransomware techniques (ATT&CK v14) derived from OSINT analysis.

MITRE ATT&CK | OSINT | Navigator | Threat Mapping

Cybersecurity Research Notes

Notes & methodology on OSINT techniques, ATT&CK mapping, data validation, and analyst practices.

OSINT | Notes | Intel Writing

About Me

I'm Srishti Rathi, a Cyber Threat Intelligence (CTI) researcher with a strong focus on OSINT investigations, threat actor profiling, and intelligence analysis. I work at the intersection of security research and intelligence, analyzing attacker behavior, monitoring open-source and underground ecosystems, and transforming raw data into actionable, contextual threat intelligence.

My work involves tracking emerging threats, mapping adversary TTPs using MITRE ATT&CK, conducting structured investigations to support RFIs, and producing analyst-grade intelligence reports for defensive security teams. I enjoy building tools and platforms that streamline intelligence workflows and enhance decision-making.

Core Competencies

Threat Intelligence

Cyber Threat Intelligence (CTI)
OSINT Investigations
Threat Actor Profiling
MITRE ATT&CK Mapping
Intel Writing & Reporting

Security & Analysis

VAPT
OWASP Top 10
Web & Application Security
Burp Suite
Networking Fundamentals

Hands-on & Automation

Security Automation
Bug Bounty
CTF Player
Git & GitHub

Research Interests

Contact

Email: srishtirathi@gmail.com

CTF Writeups

TryHackMe WriteUps

Concise walkthroughs of TryHackMe rooms with methodical reconnaissance, exploitation steps, and remediation notes — emphasis on reproducible commands, root proof, and pragmatic takeaways.

Writeups | Security | TryHackMe

PicoCTF Writeups

A collection of my writeups for PicoCTF challenges, documenting methodologies, tools, and solutions across various cybersecurity categories.

PicoCTF | Web Security
MITRE ATT&CK Layer

Figure: MITRE ATT&CK Enterprise matrix visualizing LockBit ransomware TTPs based on OSINT analysis.