About

Security engineer based in College Park, MD. I studied cybersecurity at the University of Maryland (M.Eng., 2025) after completing my CS undergrad at GITAM in India.

Between school and work, I’ve been building offensive security tools, responding to real incidents, and hardening cloud infrastructure. At SportsExcitement I run pentests, manage WAF and firewall rules, and handled a live cryptojacking incident from detection through eviction. Before that, I taught DFIR labs at UMD and built SIEM correlation rules at Phoenix Global.

My approach: map the attack surface manually first, then run tools. The interesting vulnerabilities, the ones that chain into actual compromise, live in the gaps between what scanners check.


Certifications

Offensive Security Experienced Penetration Tester (OSEP)

48-hour proctored attack lab. Focused on Evasion and Advanced Penetration Testing.

Certified Red Team Expert (CRTE)

Advanced Active Directory exploitation and lateral movement in a multi-forest environment.

AWS Security Specialty

Cloud IR, infrastructure protection, and IAM security architecture.

CompTIA Security+

Security foundations and core principles.

CCNA

Routing, switching, and network infrastructure.

(ISC)² CC

Cybersecurity governance and risk management.


Education

M.Eng. in Cybersecurity

University of Maryland, College Park - May 2025

B.Tech. in Computer Science

GITAM, India - Apr 2023


Technical Skills

Offensive Security & Red Team

Penetration testing, AV/EDR evasion, Active Directory exploitation (Kerberoasting, AS-REP Roasting, DCSync, Golden/Silver Ticket, RBCD, ADCS ESC1-8, Shadow Credentials), payload development, process injection (hollowing, early bird), AMSI/CLM/AppLocker bypass, direct/indirect syscalls, D/Invoke, LOLBin abuse, PPID spoofing

Tooling: Cobalt Strike, Sliver, Havoc, Burp Suite, Metasploit, BloodHound/SharpHound, Neo4j, Impacket, Mimikatz, Rubeus, Certipy, PowerView, Evil-WinRM, CrackMapExec, Responder, Nmap, Nessus, Donut, ScareCrow, ffuf, SQLMap, Nuclei, Ligolo-ng, Chisel, proxychains

Cloud Security

AWS (IAM, S3, EC2, Lambda, GuardDuty, CloudTrail, Security Hub, Config, Organizations, SCPs, VPC Flow Logs), Azure RBAC, IONOS Cloud, Cloudflare (WAF, DDoS, Access), Pacu, Prowler, ScoutSuite, enumerate-iam, Terraform, KMS, iptables

Detection, DFIR & Forensics

Splunk, ELK, SIEM correlation rules, Sigma/YARA rule authoring, Sysmon, Volatility, KAPE, Chainsaw, Hayabusa, Eric Zimmerman tools, FTK Imager, Wireshark, CyberChef

Languages

Python, C#/.NET, Bash, PowerShell, JavaScript, Ruby, Git, Docker

Frameworks

MITRE ATT&CK, PTES, OWASP Top 10, NIST 800-53, PCI-DSS, HIPAA, GDPR, CMMC