Designed and deployed a full-stack observability pipeline for a microservices-based e-commerce platform on Amazon EKS. Integrated OpenTelemetry for trace and metrics collection, Prometheus for alerting, and Grafana for visualization. Automated Helm-based Kubernetes deployments and implemented GitHub Actions CI/CD pipelines with rollback safety. Configured PrometheusRule custom alerts and AlertManager for real-time Gmail notifications on pod failures. Demonstrated production-grade monitoring, alerting, and reliability engineering aligned with SRE best practices.

Built a real-time, production-grade academic intrusion detection system to promote exam integrity using Snort 3, Flask, and AI. Implemented 40+ custom detection rules for AI tools (ChatGPT, Bard, Claude), VPNs, study-help sites (Chegg, CourseHero, Quizlet), and C2 behavior (DNS tunneling, Nmap). Logs parsed and visualized with Python-based automation and a fully responsive dashboard. Integrated NLP with spaCy to enable natural language Smart Search and alert summarization for instructors. Developed “Exam Mode” using a default-deny network policy to highlight unauthorized traffic during proctored sessions.

Designed and deployed a secure, scalable, production-ready e-commerce platform entirely on AWS. Implemented multi-tier VPC architecture with private EC2 app servers, ALB + Auto Scaling Group, RDS MySQL (Multi-AZ), and CloudFront-backed S3 static hosting. Integrated AWS WAF, ACM, IAM roles, Secrets Manager, and bastion host to enforce layered security. Enhanced observability using CloudWatch dashboards and alerts, automated testing via JMeter, and Lambda for cost-saving schedules. Validated real-world architecture under AWS Well-Architected Framework for resilience, security, performance, and cost-efficiency.

Conducted a detailed forensic investigation of a suspected malware developer’s workstation to analyze the “Rebel” malware framework. Recovered encrypted files, reconstructed deleted data, and uncovered malware persistence techniques, obfuscated payloads, and unauthorized data exfiltration to offshore C2 servers. Leveraged tools like Autopsy, FTK Imager, VeraCrypt, Wireshark, and PhotoRec to identify key artifacts and provide recommendations for enhanced security practices.

Performed an in-depth penetration test of “The Masked DJ’s” IT infrastructure, identifying critical vulnerabilities like misconfigured SMB/RDP settings, weak password policies, and unpatched software (e.g., EternalBlue). Leveraged advanced tools and frameworks, including Nmap for network reconnaissance, Impacket for credential extraction, and AWS CLI for cloud assessments, gaining root access to key systems, including Active Directory and web servers. Delivered actionable recommendations such as MFA implementation, network segmentation, and robust patch management to enhance security posture.

I conducted a structured penetration test on a virtual machine to identify vulnerabilities in a web application and retrieve a critical “flag.” Using tools like Nmap for port scanning, Gobuster and Enum4Linux for enumeration, and Wireshark for network traffic analysis, I identified misconfigurations and uncovered plaintext FTP credentials. This facilitated SSH access, followed by privilege escalation through artifact analysis (e.g., .bash_history) and a successful brute-force attack using Hydra, leading to the extraction of the web application creator’s details.

This project involved assessing the web application of the Michael Scott Paper Company to ensure it met CMMC 2.0 Level 1 requirements. The task was to review the security measures in place for the web application and its hosting environment. We identified gaps in the company’s access control, file upload security, and external connections, providing recommendations for improvements. The full report outlines our findings and detailed analysis of compliance with CMMC requirements, offering insights into necessary changes for enhanced security.

In this project, I conducted a comprehensive risk assessment for a self-driving vehicle equipped with various telematics systems. Using the DREAD methodology, I estimated quantitative risk values, translated these into qualitative categories, and linked the results to the STRIDE model to address potential threats and vulnerabilities. This analysis provided valuable insights into the security posture of autonomous vehicles and informed risk management strategies.

In this project, I assessed and mitigated security vulnerabilities in a healthcare company’s cloud infrastructure. I focused on identifying weaknesses in IAM policies, unencrypted data, vulnerable virtual machines, inadequate network security, and the lack of robust logging and monitoring. I provided detailed recommendations for enhancing access controls, data encryption, vulnerability management, network security, and disaster recovery to ensure the confidentiality, integrity, and availability of sensitive patient data.

In this project, I developed a comprehensive security enhancement plan for a company network compromised by prolonged attacks. I proposed solutions to fortify both the Linux and Windows networks, ensuring secure inter-network communication and addressing challenges related to remote work capabilities. The plan focused on preventing attacks, detecting breaches, and providing strategies for managing undetected attacks, all within a $500K budget constraint. My approach included upgrading network defenses, implementing robust monitoring systems, and addressing gaps in security policies and procedures.

The Drone Authentication System project addresses the growing need for secure drone operations amid rising security concerns, such as the recent drone attacks at the Indian Air Force Station, Jammu. Instead of a blanket ban, this system offers a targeted solution by allowing only authorized drones to operate in specific areas. The system uses GPS and GSM modules, an Arduino Nano board, and a single-channel relay to monitor and control drone access. When a drone initiates a flight, the GPS module fetches its location and compares it with predefined restricted zones. If the drone attempts to enter a restricted area, access is denied, and the system cuts off power to the drone. For flights outside restricted zones, the drone’s credentials and pilot information are sent to the Drone Authentication Center (DAC) for verification. If the DAC confirms the request, it grants permission to fly. This approach ensures enhanced security while enabling safe drone operations.

The Intrusion Detection System (IDS) project focuses on developing a solution to detect unauthorized network traffic and security breaches. Leveraging Snort’s rule-based engine, the IDS differentiates between legitimate and malicious IP addresses, with traffic sourced from Charusat University’s network. It effectively identifies packets from various sources, including Google, PDFs, MP3s, e-governance sites, and protocols like FTP, as well as file types such as JPEG and GZIP. Addressing security gaps in Charusat’s e-governance platform, the IDS includes continuous monitoring, student IP restrictions, and integration with an Intrusion Prevention System (IPS). A dedicated application enhances monitoring by logging data in real-time, removing the need for manual CMD checks, and offers a user-friendly interface. The project aims to bolster network security and reliability in educational environments.

The Automatic Staircase Lighting System leverages an Arduino UNO microcontroller to enhance home safety and efficiency. The system uses ultrasonic motion sensors to detect movement and trigger a relay module that controls the staircase lights, ensuring illumination only when necessary. Integrated with a Bluetooth module, it allows users to adjust settings via a smartphone app, offering manual control and custom light delays. A dimmer circuit smooths LED brightness transitions, minimizing abrupt current changes and extending LED life. This intelligent system optimizes energy use and improves staircase safety, demonstrating effective home automation.

This game is a speed typing game that helps players improve their typing speed. The player in this project must press the same keys as the letter displayed on the game screen. If the player makes a typing error, the game is over and the total score is displayed.