My Projects
CYBER INTEL - THREAT INTELLIGENCE, MODELING AND RECONNAISSANCE
Developed a comprehensive Threat Intelligence Fusion Center plan addressing 15+ critical risks with tailored mitigation strategies to strengthen organizational security posture after conducting open-source reconnaissance on a Fortune 500 company and creating a detailed threat model with ranked assets and attacker profiles.
View the full report here
Keywords
Threat Analysis, Threat Modelling, Threat Intelligence Gathering, Threat & Strategic Analysis and Reporting, MITRE ATT&CK, Fusion Center
THREAT INTELLIGENCE REPORT
Developed and presented an executive briefing and Threat Intelligence Report on the MGM resorts attack by Scattered Spider threat group, analyzing threat actor tactics, motives, vulnerabilities, and impact, with actionable recommendations to prevent future incidents.
View the full report here
Keywords
Threat Intel Report, Cyber Attacks, Tactics Techniques & Procedures
CYBERINT - CYBER NEWS AGGREGATOR
Spearheaded a python-based project for creating a cyber awareness news aggregator that will help employees within financial organizations to keep up with the latest cyber related news and alerts that occur in the financial sector. Utilized beautiful soup, numpy, sumy and SMTP tools to aggregate, summarize each article and send emails.
Watch the code demo here
Keywords
Threat Intel Report, Cyber Attacks, Tactics Techniques & Procedures
RESEARCH REPORT – SECURING THE INTERNET OF MEDICAL THINGS
Authored a research paper on cybersecurity challenges in the Internet of Medical Things (IoMT), analyzing vulnerabilities, high-profile incidents, and proposing solutions like secure design, real-time threat monitoring, and AI-driven predictive threat detection to enhance healthcare security.
View the full report here
Keywords
IoT, Vulnerability, Mitigations, Research Paper, Healthcare Security
WEBGOAT HACKING
Performed application security testing on WebGoat within UTM, identifying and mitigating OWASP Top 10 vulnerabilities using Kali Linux and BurpSuite (Repeater, Intruder). Developed mitigation strategies, integrated secure coding practices, and strengthened expertise in web security assessments and vulnerability management.
View the full report here
Keywords
Kali Linux, BurpSuite, OWASP Top 10
TESLA RISK MANAGEMENT POLICY AND PROCEDURE
Designed and implemented an asset management and risk governance framework using the OCTAVE FORTE methodology. Identified and classified critical services and information assets, and developed detailed asset profiles including ownership, sensitivity, value, and impact. Performed structured risk assessments by mapping threat scenarios to impact areas and selecting appropriate risk response strategies. Created supporting documentation such as RACI matrices, impact severity tables, and risk policy guidelines for executive-level review and compliance alignment.
View the full report here
Keywords
OCTAVE FORTE, OCTAVE ALLEGRO, Risk Management, Risk Assessment, Asset Security, Asset Management, Risk Policy, Compliance
ETHICAL PENETRATION TESTING
Conducted ethical penetration testing of a simulated enterprise network (Jupiter), identifying and exploiting 13 critical vulnerabilities across 10 hosts using tools such as Metasploit, Nessus, SQLMap, WPScan, and Nikto. Exploited CVEs including BlueKeep (CVE-2019-0708), EternalBlue (CVE-2017-0144), Shellshock (CVE-2014-6271), and SQL injection. Gained privileged access via default credentials, insecure code, and authentication bypass techniques. Delivered actionable remediation recommendations aligned with CVSS standards.
Keywords
Kali, Metasploit, Nessus, Nmap, SQLMap, Nikto, WPScan, SQLi, Vulnerability, CVE
REAL-TIME AIR QUALITY PREDICTOR WITH KAFKA AND ML-DRIVEN APIS
Developed a real-time air quality forecasting pipeline using Kafka, Docker, MLflow, and FastAPI to predict CO(GT) levels from UCI dataset; implemented producer-consumer architecture for streaming, feature engineering (lags, rolling stats), model training (XGBoost, Random Forest, LSTM), and deployment in containerized API with 92.8% MAE improvement over baseline; ensured reproducibility with MLflow tracking and tackled integration/debugging across environments
View the full report here
Keywords
Kafka, Docker, MLflow, FastAPI, XGBoost, Random Forest
APPLYING NIST AI RMF ON 2019 OPTUM HEALTHCARE ALGORITHM
Applied the NIST AI Risk Management Framework (AI RMF) end to end to a real-world healthcare AI system following a documented bias incident. Conducted a post-incident analysis of the 2019 Optum case to map risks across MAP, MEASURE, MANAGE, and GOVERN, explicitly documenting assumptions, gaps, and governance failures. The project focused on understanding how structured AI risk management could have identified and mitigated bias earlier, serving as a hands-on learning exercise in AI governance and responsible AI practices.
View the full report here
Keywords
AI Governance, Responsible AI, NIST, NIST AI RMF, Risk Management
RED AI RANGE - ADVERSARIAL AI ATTACKS, DEFENSES, AND MODEL SECURITY
Developed a hands-on adversarial AI security project using Red AI Range to analyze how machine learning models fail under real-world attack scenarios. Built and evaluated multiple ML and deep learning models, then systematically tested them against evasion, poisoning, backdoor, model extraction, supply-chain, edge AI, and privacy attacks using Python-based notebooks and industry tools. Documented attack mechanics, backend execution paths, and corresponding defenses to better understand the gap between traditional cybersecurity controls and AI-specific threat models.
View the full report here
Keywords
Adversarial Machine Learning, AI Security, Model Evasion & Poisoning, Backdoor Attacks, Model Extraction, Supply Chain Risk, Edge AI Security, Responsible AI