Secure Engineering Projects
A collection of full-stack applications and security work, focusing on the engineering and defense aspects of each project.
Built an enterprise-grade IDS dashboard featuring real-time ML-powered anomaly detection, actionable SOC KPIs, and deep-inspection threat telemetry.
Network security teams lack real-time visibility into complex attack vectors and are often overwhelmed by raw logs without actionable insights or ML context.
Implemented a hybrid detection engine using XGBoost for anomaly classification. Developed a high-frequency WebSocket streaming dashboard with Standalone Demo Mode fallback.
Delivered a production-ready SOC interface with sub-10ms inference latency, providing instant forensic visibility into DDoS, SQLi, and Brute Force attacks.
Developed an automated phishing detection system utilizing heuristic analysis and real-time URL sandboxing to protect enterprise communication channels.
High-velocity phishing attacks bypassing traditional spam filters, leading to credential theft and malware delivery within organizations.
Integrated AI-driven heuristic analysis for URL classification. Implemented a real-time sandboxing environment for threat validation and automated remediation.
Reduced phishing exposure by 85% through proactive URL blocking and delivered an automated remediation landing page for end-user education.
Production-style logistics system with secure authentication, RBAC, and real-time synchronization for food delivery operations.
Unauthorized access risks and data leakage across multi-tenant delivery operations.
Implemented secure auth flows, role-based dashboards, and encrypted data channels.
Prevented unauthorized access to operational data and streamlined delivery management.
Conducted deep-dive security research into Android application vulnerabilities, focusing on insecure data persistence and network communication flaws.
Sensitive JWT tokens were stored in plain-text shared preferences, and the lack of SSL pinning allowed for easy MITM interception of encrypted traffic.
Performed static analysis with JADX/MobSF. Utilized Frida for dynamic runtime hooking to bypass SSL pinning and inspect binary data structures.
Secured local storage using the Android Keystore system and implemented robust certificate pinning, eliminating local data theft vectors.
Conducted structured security assessments to identify data exposure, authorization flaws, and access control weaknesses. Validated findings through controlled testing.
Exposed API endpoints allowed Insecure Direct Object Reference (IDOR) and weak session management, risking unauthorized multi-tenant data access.
Manual intercept testing with Burp Suite for broken access control and session hijacking. Automated baseline scans with OWASP ZAP.
Eliminated IDOR risks and stored XSS flaws by enforcing strict RBAC and server-side input validation across the API layer.