Biography

I’m a Cybersecurity Engineer in the making and a Tech enthusiast at heart. I love exploring and talking about Computer internals. My passion lies in building things with my power of programming. Check out my noteworthy projects and Open Source contributions on GitHub.

Interests

  • Application Security
  • Reverse Engineering
  • System Programming & Operating Systems
  • Penetration Testing

Education

  • Master of Science - Cybersecurity, 2022 (Expected)

    Georgia Institute of Technology

  • Bachelor of Engineering - Computer Engineering, 2020

    Savitribai Phule Pune University

  • Higher Secondary School, 2016

    M.E.S Abasaheb Garware College

Experience

 
 
 
 
 

Security Engineering Intern

Meta (formerly Facebook)

May 2022 – Aug 2022 Seattle, WA
  • Designed and developed coverage-guided fuzzing harnesses with LLVM Libfuzzer that run on Meta’s Continuous Fuzzing platform - Lionhead.
  • Found 10+ security bugs in Meta’s production code and tooling systems through fuzzing and code reviews / auditing.
  • Audited and statically analyzed code in the WhatsApp Payment Engine system for security and privacy issues. Found 5+ CVE-worthy security bugs.
  • Worked on developing an automated fuzzing harness generation system to get coverage guided fuzzing for 100,000+ API endpoints.
  • Designed a fuzzing metrics system and visualization dashboard for coverage and fuzzing performance insights.
 
 
 
 
 

Security Engineer

BosLeo LLC

Jul 2020 – Jul 2021 Pune, India
  • Worked on the development of Anti-Virus, Anti-Phishing, Software Sandboxing, Application Firewall etc. components as a part of the company’s Endpoint Protection Platform (EPP).
  • Worked on the design, development and deployment of a network-based intrusion detection system (NIDS) supplemented with an intrusion analytics and insights system. Simulated, detected and analyzed 100+ network intrusion attacks with the NIDS.
  • Developed a Software-Defined Perimeter prototype based on the Zero Trust Network architecture.
 
 
 
 
 

Research Intern

Center for Police Research (Government of Maharashtra)

Jan 2020 – Apr 2020 Pune, India
Worked with the Pune Police Department to design and develop a PoC (proof-of-concept) for an automated WiFi Security Analyzer for ethical war drives conducted by the police department.
 
 
 
 
 

Software Engineering Intern

Rhythmflows Solutions

Jan 2020 – Jun 2020 Pune, India
  • Worked on scalable architectural design and development of a video on-demand solution streaming and web API, used by more than 500,000 users.
  • Audited the backend & the Cordova codebase (iOS + Android native app development framework) for security issues and vulnerabilities. Found 20+ CVE-worthy security and privacy issues.
 
 
 
 
 

Security Engineering Intern

Quick Heal Technologies

Jun 2019 – Nov 2019 Pune, India
  • Developed a secure central authentication service (CAS) to support single sign on (SSO) for the company’s internal applications with added support for LDAP / Active Directory integration.
  • Designed client integration libraries for Python and Golang-based web application frameworks to support and integrate 100+ internal applications.
 
 
 
 
 

Research Assistant

Pune Institute of Computer Technology

May 2019 – Jul 2019 Pune, India
  • Worked on the study of side-channel attacks that target the virtualization level (the lowest level of the software stack) of an Operating System.
  • Assisted in creating a meta classifier-based ensemble learning model for attack detection.
  • Developed a granular performance monitoring script to generate system logs.
  • Researched various techniques used by attackers to exploit private information from the set of target virtual machines running on cloud platforms.

Accomplish­ments

Projects

Cedit

A minimalistic text editor for terminal fanatics.

Cyberfort CTF

Cyberfort CTF is an online platform to test and advance skills in Penetration Testing and Cybersecurity.

Frost Linux

An Arch Linux Based Distribution for Developers.

Password Manager

An offline Master-Password-based Password Manager.

WebTTY

A Swiss Army knife that provides secure tunnels to localhost and allows you to share your terminal as a web application.

Recent & Upcoming Talks

Centralized or Decentralized? The Contact Tracing Dilemma

This is a summary of the “Centralized or Decentralized? The Contact Tracing Dilemma” research paper having the following …

The Million Dollar Dissident

A talk about the Zero-Day exploit used by the NSO group on Ahmed Mansoor, its backstory, exploit and network infrastructure.

Summarizing and Analyzing the Privacy-Preserving Techniques in Bitcoin and other Cryptocurrencies

Bitcoin and many other similar Cryptocurrencies have been in existence for over a decade, prominently focusing on decentralized, …

Designing a Secure Device-to-Device File Transfer Mechanism

Secure, reliable, and fast transfer of files across the Internet is a problem attempted to be solved through many application-layer …

Hidden Secrets of Python

Python has a large number of really cool modules that people don’t know about. These are quite helpful. People often tend to …

Ethics for Platforms

The Internet was created to be an open source to get connected to the rest of the world, to share information and bring the world …

MongoDB (NoSQL Databases)

MongoDB is on of the widely used databases. It is a semi-structured database that stores data in the form of documents (JSON like …

Content Addressed Peer-to-Peer File System for the Web with Blockchain-Based Metadata Integrity

With the exponentially scaled World Wide Web, the standard HTTP protocol has started showing its limitations. With an increased amount …

Recent Publications

Quickly discover relevant content by filtering publications.

Summarizing and Analyzing the Privacy-Preserving Techniques in Bitcoin and other Cryptocurrencies

We summarize the privacy preserving techniques used in Cryptocurrencies and compare them to Bitcoin.

End-to-End Lung Cancer Diagnosis on Computed Tomography Scans using 3D CNN and Explainable AI

We propose a new way of creating a unified interface for radiologists & researchers to analyze CT scans and support the system with …

Content Addressed Peer-to-Peer File System for the Web with Blockchain-based Metadata Integrity

We propose a new content addressed peer-to-peer file system as a replacement to the bloated HTTP protocol assisted with the robust …

Using Generative Adversarial Networks for Secure Pseudorandom Number Generation

We propose a new way of generating pseudorandom numbers using generative adversarial networks. We demonstrate that a GAN can act as a …

A Secure Password Manager

We propose an offline password manager, that does not store passwords anywhere. These passwords are not even stored on the device of …

Contact