Skip to content

trigerman/trigerman

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 

Repository files navigation

Dhrupad Joshi — Security Researcher, Red Team Operator, Builder
Portfolio Launch cyber labs LinkedIn Email
root@dhrupad:~$ whoami
Security researcher working the full attack-to-defense loop.

root@dhrupad:~$ cat mission.txt
Break systems responsibly. Turn findings into detections. Build tools that help defenders win.

// signal, not noise

150+ vulnerabilities found 4 published CVEs 12× Hall of Fame Top 3 MACCDC 2026
Responsible disclosure HAX CMS research Industry recognition Collegiate cyber defense

I work across offensive security, vulnerability research, detection engineering, AppSec, cloud security, DFIR, and AI/LLM red teaming. I like the hard middle ground where a finding becomes a reproducible attack path, a useful detection, and eventually a better product.

// flagship builds

Open-source Windows endpoint protection with transparent verdicts.

Combines ClamAV, ~5,900 YARA rules, abuse.ch intelligence, behavioral heuristics, live C2/hash checks, and a kernel minifilter for pre-execution blocking.

Python React YARA Minifilter Threat Intel

Explore the repository →

Real Linux attack-and-defense labs running entirely in the browser.

v86 + WebAssembly ranges with no backend grader or local VM. BlueWall teaches IDS/firewall response; ShadowShell teaches webshell incident response. Each run rewrites the evidence.

v86 WebAssembly Buildroot Snort DFIR

Launch the labs →

// published vulnerability research

ID Severity Research
CVE-2026-46396 CRITICAL · 9.3 Stored XSS via iframe injection in HAX CMS
CVE-2026-46496 CRITICAL · 9.3 Stored XSS via the HAX CMS video-player component
CVE-2026-46511 HIGH · 8.7 Stored XSS + token exposure account-takeover path
CVE-2026-35185 HIGH · 8.7 Public server-status sensitive information exposure

All four issues were responsibly disclosed and patched upstream. Read the full research and impact notes →

// operating range

OFFENSE              DEFENSE                 ENGINEERING
├─ Red teaming       ├─ Detection-as-code    ├─ Python / TypeScript
├─ Web & API testing ├─ Threat hunting       ├─ Security tooling
├─ Adversary emu     ├─ DFIR                 ├─ v86 / WebAssembly
├─ AI / LLM security ├─ Incident response    └─ Cloud & AppSec
└─ Vuln research     └─ Purple teaming

// field notes

  • Penn State — M.S. Cybersecurity Analytics & Operations, 3.96 GPA
  • Top 3 — Mid-Atlantic Collegiate Cyber Defense Competition 2026
  • 16th of ~100 teams — DOE CyberForce Competition 2025
  • Hall of Fame recognition from organizations including SAP and Mastercard
Dhrupad's GitHub stats Dhrupad's GitHub streak

Open to security roles, research collaboration, and ambitious defensive engineering.
root@dhrupad:~$ make security useful

About

No description, website, or topics provided.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors