SumitKumarGarsa/README.md
╔═══════════════════════════════════════════════════════════╗
║                                                           ║
║              SUMIT KUMAR GARSA                            ║
║         Full Stack Developer · Security Engineer          ║
║                                                           ║
╚═══════════════════════════════════════════════════════════╝


whoami

name     : Sumit Kumar Garsa
role     : Full Stack Developer → Web Security Engineer
location : Hidden due to privacy
focus    :
  - Security-first full stack architecture
  - Web vulnerability research (XSS · SQLi · Auth flaws · API abuse)
  - Secure coding · DevSecOps · Penetration testing mindset
mantra   : "Build it. Break it. Harden it."

./attack_surface.sh

| 🔨 Build | 🔍 Break | 🛡 Harden |
|---|---|---|
| Full-stack MERN apps | XSS & Injection testing | Input validation & sanitization |
| REST APIs & Auth flows | Auth bypass & session hijacking | JWT hardening & rate limiting |
| Mobile apps (Flutter) | API abuse & IDOR | Access control & RBAC |
| CI/CD pipelines | Logic flaws & privilege escalation | Security headers & CSP |

cat tech_stack.json

Frontend

HTML5 CSS3 JavaScript TypeScript React Next.js Tailwind SASS Flutter

Backend & Database

Node.js Express PHP Python Java MongoDB MySQL PostgreSQL Supabase

Security & DevOps

Kali Linux Linux Git GitHub GitLab Postman Vercel Figma


ls -la ./projects

🔐 Vulnerable Web App Lab

A hands-on security testing environment

  • Simulates XSS, SQL Injection, Auth Bypass
  • Exploit walkthrough + mitigation per vulnerability
  • Designed for pentest practice & secure code learning

Node.js Express MongoDB Security

🔗 View Project · 📖 Writeup

🛒 Secure E-Commerce Platform

MERN stack with security-first architecture

  • JWT auth, session hardening, CSRF protection
  • Input validation, rate limiting, secure payment flow
  • Role-based access control (RBAC)

React Node.js MongoDB JWT

🔗 View Project · 📖 Writeup

📱 Cross-Platform Mobile App

Flutter application with robust backend integration

  • Clean architecture with performance optimization
  • Secure API communication & data handling
  • Multi-platform: Android & iOS

Flutter Dart REST API

🔗 View Project · 📖 Writeup

🧪 Security Research Notes

Documented vulnerability research & CTF writeups

  • Real-world exploit analysis & PoC
  • Mitigation strategies & hardening guides
  • OWASP Top 10 coverage

Kali Linux Burp Suite OWASP

🔗 View Project · 📖 Writeup


./connect.sh

LinkedIn Twitter Gmail LeetCode GeeksforGeeks Codeforces


┌─────────────────────────────────────────────────────────────┐
│                                                             │
│   "If you can't break your own system,                      │
│         someone else will."                                 │
│                                                             │
│              — Sumit Kumar Garsa                            │
└─────────────────────────────────────────────────────────────┘

Pinned

  1. Jhon-the-Ripper (Public)

    In this entire repository I will tell you the best and the easiest way to use the very popular Kali Linux tool used for performing the brute force attack, named John the Ripper.

    9

  2. Ruthless-Resume-Reviewer (Public)

    A platform that helps you check whether your resume is aligned with a particular job or not. With the latest web development tech skills.

    TypeScript

  3. Resume (Public)

  4. iloveecommerce (Public)

    Technologies used: Next.js 14 | Redux, PayPal, Clerk, TypeScript, Tailwind CSS

    TypeScript

  5. Certifications (Public)