Secure Engineering Projects
A collection of full-stack applications and security work. Focusing on the engineering and defense aspects of each project.
Built an AI-powered third-party vendor risk monitoring prototype with real-time risk scoring (0–100) and automated alerts.
Organizations struggle to monitor vendor risks in real-time, often relying on manual periodic surveys that fail to capture immediate threat posture changes.
Implemented RBAC for Admin/Vendor views, APScheduler-driven dynamic scoring engine, and compliance audit log. Designed a live glassmorphism dashboard with Chart.js visualizations.
Delivered a dynamic risk score monitoring dashboard with continuous vendor risk visibility, backed by FastAPI, SQLAlchemy, and Firebase.
Zero-trust security layer and real-time monitoring gateway built for multi-agent AI ecosystems. Developed for the Microsoft Build AI Hackathon.
As AI agents transition to taking autonomous, real-world actions, they become vulnerable to adversarial command hijacking, privilege escalation, and data exfiltration from compromised internal components.
Designed a zero-trust scoring engine with keyword analyzers and payload inspection. Built a highly responsive Next.js dashboard with Recharts telemetry visualizing threat vectors in real-time.
Achieved sub-12ms mitigation gateway latency with customizable threshold blocking (ALLOW / QUARANTINE / BLOCK) and immutable action audit logging.
Intelligent customer onboarding portal and automated qualification system engineered for State Bank of India. Developed for the SBI Hackathon.
Traditional banking onboarding systems are slow and complex, often lacking conversational support, leading to high drop-off rates and insecure KYC validation.
Developed a Vite + React + TypeScript interface. Integrated Gemini LLM for product matching, qualification agents for suitability scoring, and a Compliance Agent for real-time conversation safety monitoring.
Successfully implemented dynamic e-KYC (Aadhaar & OTP simulation) and low-latency product matching, with interactive live log traces of agent orchestration.
Addressed lack of real-time visibility into network attacks faced by SOC teams handling high-volume logs.
Network security teams lack real-time visibility into complex attack vectors, overwhelmed by raw logs without actionable insights or ML context.
Developed a real-time intrusion detection system with ML-based anomaly detection and live SOC dashboards. Implemented XGBoost models with WebSocket streaming to detect DDoS, SQL injection, and brute-force attacks.
Integrated high-volume network log ingestion pipeline to provide continuous visibility for SOC analysts, delivering sub-10ms inference latency.
Built an automated phishing detection system for email and URL analysis targeting enterprise spam filter gaps.
High-velocity phishing attacks bypassing traditional spam filters, leading to credential theft and malware delivery within organizations.
Applied heuristic-based AI analysis with sandbox validation for real-time threat classification and alerting. Engineered URL reputation checks and header anomaly detection.
Reduced phishing exposure by proactive URL blocking and sandbox validation, protecting enterprise communication channels.
Production-style logistics system with secure authentication, RBAC, and real-time synchronization for food delivery operations.
Unauthorized access risks and data leakage across multi-tenant delivery operations.
Implemented secure auth flows, role-based dashboards, and encrypted data channels.
Prevented unauthorized access to operational data and streamlined delivery management.
Conducted deep-dive security research into Android application vulnerabilities, focusing on insecure data persistence and network communication flaws.
Sensitive JWT tokens were stored in plain-text shared preferences, and lack of SSL pinning allowed for easy MITM interception of encrypted traffic.
Performed static analysis with JADX/MobSF. Utilized Frida for dynamic runtime hooking to bypass SSL pinning and inspect binary data structures.
Secured local storage using the Android Keystore system and implemented robust certificate pinning, eliminating local data theft vectors.
Conducted structured security assessments to identify data exposure, authorization flaws, and access control weaknesses. Validated findings through controlled testing.
Exposed API endpoints allowed Insecure Object Reference (IDOR) and weak session management, risking unauthorized multi-tenant data access.
Manual intercept testing with Burp Suite for broken access control and session hijacks. Automated baseline scans with OWASP ZAP.
Eliminated IDOR risks and stored XSS flaws by enforcing strict RBAC and server-side input validation across the API layer.