Developed the backend of a sophisticated threat intelligence platform. The dashboard offers unprecedented visibility and analytical capabilities, enabling clients real-time identification of compromised data from various sources.

Developed various parsers for parsing specific types of stolen credential files published by threat actors. It is designed with regex-driven extraction to normalize domains, IPs, emails, and credentials from adversary data dumps facilitating efficient and secure storage.

Built a toolkit where I developed an automatic intelligence data downloader, extractor, and ingestion module from threat actor managed Telegram channels. The toolkit supports both scheduled extractions and real-time monitoring feeding data into an ingestion service that automatically extracts, and stores the data.

This project is a comprehensive system for parsing various info stealer malware log formats. It analyzes logs of stealer malwares and extract intellegince data from them and sending intelligence data to designated endpoints for utilization in a CTI platform.

Client-Server application, written in C++, that resembles a Cloud Storage. In this project all the security protocols (for authentication and data transmission) have been designed specifically for this project and have been implemented using OpenSSL. Each user has a “dedicated storage” on the server, and User A cannot access User B dedicated storage. Users can Upload, Download, Rename, or Delete data to/from the Cloud Storage in a safe manner.

Implemented the Tiny Encryption Algorithm (TEA), both encryption and decryption modules performing logic design, circuit design, and physical design processes using Hardware Description Language (HDL), and tested the performance.

Developed a Trojan horse malware that is capable of taking a screenshot of users' keystrokes and sends the screenshots to remote storage.

Watchdog project is a Python program designed to monitor any command and restart it if necessary. It provides a simple and flexible solution for ensuring the continuous execution of critical commands or processes.

This project is a custom-built tool designed to scrape and analyze online forums, focusing on extracting valuable threat intelligence from both open and dark web sources. The tool automates the process of gathering posts, comments, and metadata related to cybersecurity threats.

Extracted opcodes of malwares from different APT groups and analyzed using GHIDRA and IDA Pro, Pre-processed malware OpCodes. Implemented feature engineering using n-gram counts and PCA; applied SVM, KNN (k=3.5), Decision Tree, and Random Forest models. Achieved high accuracy and F1 scores; evaluated models using key metrics