> Initializing: cybersecurity • research • bug_bounty • ctfs
> Status: Online
> Mode: Writing Tools...
Feb 2024 - Present
• Built tools to monitor certificates, subdomains, DockerHub, and secrets in services like Postman, GitHub, GitLab, and Bitbucket — collecting 100K+ secrets monthly.
• Conduct internet-wide scanning to identify vulnerabilities and enhance threat intelligence.
• Developed scanning infrastructure for ASM including vulnerability scanners, host profilers, and correlation engines.
• Created research.redhuntlabs.com to share datasets and insights with the community.
• Migrated entire infrastructure to AWS, improving efficiency by 45%.
> Arsenal Presenter & Trainer
> BlackHat Asia 2025 | BlackHat USA 2025 | BlackHat EU 2024 | BlackHat MEA 2024
Varunastra — GitHub
> Tool to detect and mitigate vulnerabilities in Docker containers and images.
> Presented at: BlackHat USA 2025, BlackHat Asia 2025, BlackHat MEA 2024.
Agneyastra — GitHub
> Detects Firebase misconfigurations with precision for bug bounty hunters and researchers.
> Co-Presented at: BlackHat Asia 2025, BlackHat Europe 2024.
Cyclops — GitHub
> Serverless alternative to Burp Suite Collaborator for testing SSRF, blind XSS, and more.
> Establishing secure connections for collaborations and research discussions...
> If my research helped secure your systems, fuel the next discovery!
☕ Execute payment