Cybersecurity Engineer with real-world SOC and network security experience, a portfolio of published security tools, and a Grand Finalist finish at IIT Kanpur's HACK IITK 2026. I build things that detect, break, and defend — across cloud infrastructure, web applications, and AI-driven threat pipelines.

02. Experience
Hands-on exposure across government security infrastructure, SOC operations, and enterprise IAM — in production environments.
03. Skills
A broad toolkit forged through internships, security research, and hundreds of hours in the lab.
04. Projects
Security tooling at the intersection of offensive research, AI/ML, and defensive operations — every project ships real code.
Purple-team AWS security assessment framework — read-only, zero footprint. Enumerates 51 privilege escalation paths across 94 findings using BFS graph traversal. Computes the Minimum Viable Compromise path to Account Admin with automated CVSS-aligned risk scoring and policy drift detection. Unique modules: Ghost Identity Detector, Temporal Kill Chain, Permission Entropy Engine, Blast Radius 3D (5-dimensional impact scoring), and Attack Narrative Generator — capabilities absent from Prowler, ScoutSuite, and CloudMapper. Real-time WebSocket dashboard with vis.js attack graph.
Post-quantum secure OpenID Connect implementation over KEMTLS. Engineered a TLS replacement using ML-KEM-768 (NIST FIPS 203) and ML-DSA-65 (FIPS 204), achieving 21% lower handshake latency and a 30% smaller wire footprint compared to PQ-TLS. Bridges academic PQC research and production-grade deployment readiness for enterprise identity infrastructure.
Autonomous Network Defense Copilot — RAG + LLM pipeline ingesting firewall, IDS & network logs to automate SOC triage, correlate IoCs, surface attacker TTPs, and accelerate threat investigation, reducing analyst decision time by ~35%. Multi-format ingestion, 768-dim ChromaDB semantic search, Groq LLaMA 3.3 70B (128k context), interactive SOC chat, executive & technical PDF reports, SMTP email delivery — behind a multi-user Flask/bcrypt auth system.
Policy Offline Lens for Assessment, Risk & Improvement Scoring — fully offline cybersecurity policy gap analysis engine. Evaluates policy documents (TXT/PDF/DOCX) against NIST CSF 2.0, ISO 27001:2022, and SOC 2 using local semantic embeddings. Produces deterministic scores, remediation roadmaps, rich terminal dashboards, JSON exports, and PDF reports — zero external API calls, safe for confidential policy documents. 80%+ test coverage.
Multi-agent red team automation framework built on LangChain. Orchestrates recon, exploitation, and post-exploitation phases autonomously using MITRE ATT&CK-driven reasoning, ChromaDB vector memory, and a FastAPI backend with real-time WebSocket streaming. Simulates multi-stage attack chains — initial access through lateral movement and data exfiltration — fully mapped to ATT&CK TTPs. Enables blue teams to continuously validate SIEM detection coverage, tune alerting rules against realistic adversary behaviour, and measure detection gaps without manual red team engagements. Designed for controlled SOC validation workflows and structured red team / blue team exercises.
05. Recognition
Competition finishes, global rankings, published research, and academic milestones.
Top 48 teams from 9,000+ participants and 1,300+ teams, Critical Infrastructure Security track. Presented on-campus at IIT Kanpur before a jury from MeitY, Ministry of Defence, Zscaler, and Adani Cybersecurity.
Ranked in the top 1% worldwide through consistent performance across CTF challenges and offensive and defensive learning paths — specialising in web exploitation, network penetration, digital forensics, and community contributions.
Published 10+ in-depth technical articles on offensive techniques, CVE analysis, threat research, adversarial tradecraft, and AI agent security at medium.com/@SudoXploit7.
All India Rank 7 out of 50,000+ candidates in the NFSU entrance exam. 1st place in the university-level cybersecurity quiz. Team Leader at Smart India Hackathon, directing a cross-functional team under the Ministry of Education.
Education
06. Contact
I'm actively looking for cybersecurity roles — VAPT, SOC/threat detection, red team, cloud security, security engineering, and research. If you're a recruiter, hiring manager, or fellow researcher, I'd love to connect. My inbox is always open.
