Security Engineer II - Red Team
Google- Working on a cool project
- Worked on a cool exercise
- Working on cool exercises
- Did some dev work
- Shadowed two cool exercises. Will shadow some more.
Security Engineering Intern
Google- Evaluated the effectiveness of various tools detecting security vulnerabilities within Chrome Extensions and designed a methodology to identify them at scale.
- Conducted comprehensive audits of thousands of internal Chrome Extensions using tools such as CodeQL, Tarnish, and DoubleX to identify potential security vulnerabilities.
- Created a Pull Request to enhance Tarnish's capabilities, enabling it to parse Manifest Version 3, operate on localhost, and expand its permissions identification functionality.
- Developed efficient helper scripts to optimize the process of manually auditing Chrome Extensions for vulnerabilities.
- Identified a critical exploitable bug within an internal Chrome Extension used by 20k+ Googlers and presented findings to diverse security teams.
ML Engineer Intern
Jupiter AI Labs- Successfully implemented a data pipeline and API interface for the Taxonomy Recommendation and Classification Engine, utilizing APA's Azure SQL database.
- Developed a Ticket Priority Scheduler that utilizes a blend of classification and regression algorithms to accurately prioritize tickets with a fresh data accuracy rate of 94%.
- Conducted a comprehensive analysis of MMYT and EMT stocks, incorporating historical data from Yahoo Finance and existing quarterly financial statements to predict future stock values.
- Utilized the Sobel Edge and Harris Corner Detection techniques, in conjunction with a Gaussian mixture model, to match appliance images and group their edges and corners.
Cybersecurity Research Intern
COSGrid Networks- Led a team that created an IoT Device Classification and Anomaly Detection prototype, using tools such as Spark, XGBoost, Sklearn, Zeek, Argus, and TShark, achieving 91% accuracy on fresh data. The prototype was selected as a finalist in the 'Cyber Security Grand Challenge!' organized by DSCI.
- Successfully deployed Apache Metron as a Big Data Network Intrusion Detection Solution on an AWS IoT Greengrass testbed, achieving an accuracy of 92.4% and a false positive rate of 0.24% in detecting malicious attacks automated by Guardicore's Infection Monkey.
Data Security Intern
Neubrain- Conducted a Penetration Test on Neubrain's web server hosting WordPress websites and identified 4+ vulnerabilities including the use of unsafe WordPress plugins, weak passwords, and insecure PHP code.
- Upon immediate employment, performed Incident Response on defacement of the web server and reported the method of infiltration and exfiltration.
- Successfully hardened the WordPress server post-defacement and prevented attacks by setting up Web Application Firewalls, upgrading PHP and implementing other hardening mechanisms.
Ethical Hacking Student Intern
Cryptus Cyber Security- Generated Penetration Testing Reports on 2 vulnerable client sites and reported several highly critical vulnerabilities such as SQL Injection and Remote Command Execution (RCE).
- Researched fileless malware, documenting Office macro attacks and in-memory injection of payloads using PowerShell and gained insight into Active Directory engagements.
- Conducted research on the internal workings of tools such as TheFatRat and Veil Framework and acquired a deeper understanding of encryption mechanisms such as XOR/AES Encryption and basic code obfuscation techniques.
#1quals
CSAW 2023
Team "UMDCSEC" earned 1st place in the qualifiers
#39/1287
Fetch the Flag CTF
As a member of Space.Cows
#39solo
IrisCTF
Solved 8 challenges in Rev, PWN, Networks, Misc
#69/400
Pragyan CTF
Solved reversing and forensics challenges
#106/580
National Cyber League Fall
Individual Game, Experienced Students Bracket. Team Game: #63/457
#186/980
LA CTF
Solved 9 challenges in Reversing, Misc, Web
#50227 solves
HackTheBox Cyber Apocalypse CTF
Team Captain of 0d4yR007 (2 members). Pwn, Forensics, Rev, Hardware, Crypto, ML
#397/6675
National Cyber League Fall
Individual Game
#544solo
DownUnderCTF
Solo competitor (nier0x00) in team "UMDCSEC-B"
#2475
Flare-On CTF
Annual reverse engineering CTF by Mandiant
CEH
CAP
CNSP
Security+