Saood Nasir Sangle

Cyber Security Student & Automation Developer

Cyber Security postgraduate student at the University of Surrey with a professional background in Electronics Engineering from Mumbai. I focus on Linux systems engineering, web application security testing, network defense, and setting up containerized automation workflows using tools like Docker and n8n.

LinkedIn GitHub

Skills & Tools

Security Testing & Networks

Testing Web Application Firewall configurations, parsing logs for rule analysis, evaluating payload behavior, and understanding network protocols and access controls.

ModSecurity OWASP CRS WAF Configuration Penetration Testing

Automation & DevOps

Creating backend automation lines, system containerization, administering Linux remote servers via CLI environments, managing secure webhooks, and writing processing logic configurations.

Linux CLI n8n Workflow Docker Cloudflare Tunnels Python Node.js SQL

Technical Projects

Flight Report Automation Pipeline — Aviation Oasis

Workflow Automation & Integration Project

I built an automation system using self-hosted n8n to process and verify text logs from pilots automatically, saving hours of manual data entry.

How the system works:

Linux System n8n Engine Cloudflare Tunnels Docker JavaScript Node API Integration

Analyzing WAF Resilience Against Obfuscated Attack Payloads

MSc Dissertation Project | University of Surrey | Supervised by Dr. Robert Granger Awarded Distinction

For my master's dissertation, I set up a local testing lab to evaluate how effectively ModSecurity v3 and the OWASP Core Rule Set (CRS) 3.3.7 block different modified attack payloads in front of the Damn Vulnerable Web Application (DVWA).

Experimental Test Matrix & Results:

Attack Type Payload / Obfuscation Style PL1 (Threshold 5) PL2 (Threshold 10) PL3 (Threshold 15) PL4 (Threshold 20)
SQLi 'OR "1"="1 (Standard Tautology) Blocked Blocked Blocked Blocked
SQLi /**/OR/**/'1'='1 (Inline Comments) Blocked Blocked Blocked Blocked
XSS <script>alert(1)</script> (Direct Script) Reached App Reached App Blocked Blocked
XSS <img src=x onerror=alert(1)> (Event Handler) Reached App Reached App Blocked Blocked
CMD 127.0.0.1 && whoami (Operator Chaining) Blocked Blocked Blocked Blocked
CMD 127.0.0.1%257C uname -a (Double Encoded Pipe) Blocked Reached App Blocked Reached App

Key Findings from the Research:

Linux Core ModSecurity v3 OWASP Core Rule Set Log Analysis Firefox DevTools

Postgraduate Technical Specialization

MSc in Cyber Security

University of Surrey, UK | GCHQ/NCSC-Certified Degree Programme | Expected Sept 2026

Rigorous, hands-on master's level development within an official Academic Centre of Excellence for Cyber Security Research. Core module coursework and engineering competencies include:

B.E. in Electronics Engineering

M.H. Saboo Siddik College of Engineering, Mumbai (University of Mumbai) | May 2023

Completed a four-year professional engineering degree covering hardware logic circuits, hardware-level programming, network hardware interfaces, and digital logic layouts.

Training: CompTIA Security+ — Course Training Completed