GitHub - harekrishnarai/harekrishnarai: A Portfolio Type GitHub Special Repo · GitHub

Hey there, I'm Hare Krishna Rai

CRTP Certification | eWPTX Certification


🎯 Security Researcher | Speaker | Open Source Contributor

I'm a Product Security Engineer focused on securing the software supply chain. My passion lies in offensive security research, tool development, and sharing knowledge with the community.

  • 🔒 Creator of SCAGoat, a vulnerable-by-design application for benchmarking software composition analysis (SCA) tools and simulating supply chain attacks.
  • 🧰 Regular secure coding trainer, conference reviewer, and CTF enthusiast.
  • 🔍 My research interests include OSS poisoning, model exposure abuse, malicious packages, and DevSecOps automation.

🛠️ Open Source Contributions

I believe in giving back to the community and actively contribute to key open source security projects:


🎤 Conference Talks & Arsenal

I have presented my research and tools at several top-tier security conferences, including:

  • Black Hat Europe 2025
  • Black Hat USA 2025
  • Black Hat Asia 2025
  • Black Hat Europe 2024
  • DEF CON 32 AppSec Village DC 2025


📌 Featured Project: SCAGoat

A deliberately insecure and compromised SCA testbed that simulates:

  • CVE exposure in Node.js and Spring Boot apps
  • Malicious/compromised packages
  • Reachability and fix validation workflows

Ideal for evaluating SCA tools, container scanners, and CI/CD defenses.

💬 Let’s connect to talk about research, secure development, OSS risks, or collaborations!
