KM

Work

Projects and experiments — from product engineering to research. Each one represents a real problem I identified and solved.

Featured Work

Two projects that represent my best work — one in product engineering, one in research.

CyArt Tech LLP | Product Development
Chain Discovery

Problem

Pentest outputs lack structure — events are disconnected, making it hard to trace how an attack actually progressed and where it led.

What was built

An attack chain intelligence platform that transforms flat pentest output into structured, interactive, MITRE-mapped attack chain views.

Key outcomes

  • Combines AI-driven interpretation with deterministic flow and validation logic
  • Reconstructs attack sequence, context, and privilege evolution across events
  • Bridges fragmented outputs into a unified, dependency-aware attack understanding
  • Flags inconsistencies, invalid transitions, and incomplete attack paths
  • Designed as a scalable system for real-time ingestion and analysis
React Flow · MITRE ATT&CK v3.0 · SLM · REST APIs · MongoDB

Published Research | IJCRT
VerbaSafe

Problem

AI-generated voices make it increasingly difficult to trust voice-based interactions, enabling high-impact vishing and impersonation attacks.

What was built

A real-time voice analysis system designed to identify synthetic and manipulated speech in live and recorded scenarios.

Key outcomes

  • Converts audio signals into frequency-domain representations for pattern analysis
  • Trained ML models (CNN/LSTM) on extracted audio features to distinguish real vs synthetic speech
  • Evaluates temporal and spectral characteristics to detect inconsistencies in generated voices
  • Research-backed system with focus on practical detection of voice-based attacks
Python · PyTorch · CNN/LSTM · Audio Processing · Deep Learning

All Projects

A selection of projects and experiments

SIEM Lab
Modular SOC Level 1 practice environment built on Wazuh SIEM and open-source tooling.
Wazuh · ELK Stack · Sysmon · OpenSearch
  • Four-node lab: SIEM server, monitored endpoint, analyst workstation, attacker machine
  • Mini-project roadmap: Setup → Log Baseline → Detection Rules → Attack Simulation → IR
SOC Investigation Case Files
Structured SOC investigation scenarios simulating real-world attacks across detection, analysis, and response.
Sentinel · Threat Investigation · KQL Analysis · MITRE ATT&CK
  • L1–L3 workflow: triage, deep investigation (KQL), and post-incident detection tuning
  • Reconstructs full attack timeline with MITRE mapping, IOC enrichment, and evidence-driven analysis
Microsoft Security Stack
30-day structured deep dive into enterprise SOC operations across the full Microsoft security stack.
Sentinel · Defender · KQL · Entra ID
  • Detection rules, investigation reports, SOC runbooks, architecture docs
  • Full pipeline: Endpoint → MDE → Log Analytics → Sentinel → Alert → Incident → ServiceNow
Infrastructure Projects (Fibmesh)
4 validated secure remote access architectures with end-to-end deployment guides.
WireGuard · TLS · RDP · FTPS · Apache
  • Secure web hosting, Tally remote access, tunnel-restricted RDP, encrypted FTPS
  • Each with full documentation and demo videos
JobMate
Python job aggregation pipeline that filters, deduplicates, and exports cybersecurity roles.
Python · Pandas · Regex · API Integration
  • Queries multiple platforms, filters by security keywords, extracts experience via regex
  • Stage 1 of a three-stage candidate automation stack

Interested in working together?

I'm open to freelance engagements, contract work, and full-time opportunities in security operations and detection engineering.