Chinmay Lohani
Security Engineer with interest in Application Security and experience in Secure Software Development.
I am a Security Engineer currently pursuing a Master's in Security Informatics from Johns Hopkins University. I am a technology enthusiast with an interest in Application Security, Pentesting, Reverse Engineering and using Machine Learning for Security.
I have a good foundation in cybersecurity frameworks, namely NIST, MITRE, and OWASP, and have worked with tools like Burp Suite, OWASP ZAP, Wireshark, Metasploit, Ghidra, Nmap, OpenSSL, Lynis, Microsoft Threat Modeling Tool, Valgrind, etc., and have implemented proofs of exploitation for games like Duke Nukem.
I have a Bachelor of Technology in Computer Science and Engineering from IIITS, India, and am adept at Secure Software Development Life Cycle (SDLC) integration and Cloud Computing. I am an active CTF participant and a Kaggle Contributor. I am adept at competitive programming in C/C++ and Python.
Innovated a human-solvable CAPTCHA system in Golang to bolster security against offline dictionary attacks. The system featured three unique puzzles: Sudoku, Chess, and Cryptographic Hash Puzzle. Performed comparative analysis with cutting-edge solutions, leading to our finding of 30% less likelihood of successful dictionary attacks against offline files.
Implemented an ML Security Monitor for battleship infrastructure, presented at IEEE CCWC 2024. The model achieved 98.5% accuracy in detecting cyber threats in ICS networks, validating its effectiveness through penetration tests on power systems and weapon controls.
Performed security testing of OpenEMR, identifying vulnerabilities like SQLi, DoS, buffer overflows, and XSS. Used tools including Burp Suite, OWASP ZAP, sqlmap, and Wireshark to detect issues. Documented proof of exploitation along with remediation recommendations.
Developed proof-of-concept exploit achieving root access by reverse engineering Angband game binary to locate format string vulnerability. Used IDA Pro and GDB to analyze vulnerability and craft input to exploit stack overflow, redirect code execution flow, and open remote shell.
Exploited buffer overflow in Duke Nukem game binary to achieve remote root shell access. Reverse-engineered binary using Ghidra to identify vulnerable function and crafted malicious input. Developed proof-of-concept demonstrating arbitrary code execution via shellcode injection and redirecting control flow using buffer overflow technique.
Conducted threat modeling on an open-source web server using SciTools Understand and Microsoft Threat Modeling Tool. Produced an executive summary detailing risks and employed Ghidra and Veles for reverse engineering, bolstering the system's security posture.
Simulated DDoS attacks on IoT devices, such as flooding on a CoAP network, using the Cooja simulator, and leveraged the simulation data to train an ML model for detection of unusual traffic.
Designed and built a tamper-proof, decentralized e-voting system on the Ethereum blockchain through commit-reveal mechanisms. Hardened system security by building Solidity smart contracts with audited OpenZeppelin libraries, optimized consensus algorithms, IPFS integration and MetaMask identity management resulting in enhanced transparency, scalability, and reduced gas costs by 8%.
Developed blockchain-based supply chain system using Solidity, OpenZeppelin, Truffle, and Web3, integrating web interfaces for server-chain communication. Enhanced efficiency by 10% and improved security.