Cyber Security postgraduate student at the University of Surrey with a professional background in Electronics Engineering from Mumbai. I focus on Linux systems engineering, web application security testing, network defense, and setting up containerized automation workflows using tools like Docker and n8n.
Testing Web Application Firewall configurations, parsing logs for rule analysis, evaluating payload behavior, and understanding network protocols and access controls.
Creating backend automation lines, system containerization, administering Linux remote servers via CLI environments, managing secure webhooks, and writing processing logic configurations.
I built an automation system using self-hosted n8n to process and verify text logs from pilots automatically, saving hours of manual data entry.
For my master's dissertation, I set up a local testing lab to evaluate how effectively ModSecurity v3 and the OWASP Core Rule Set (CRS) 3.3.7 block different modified attack payloads in front of the Damn Vulnerable Web Application (DVWA).
| Attack Type | Payload / Obfuscation Style | PL1 (Threshold 5) | PL2 (Threshold 10) | PL3 (Threshold 15) | PL4 (Threshold 20) |
|---|---|---|---|---|---|
| SQLi | 'OR "1"="1 (Standard Tautology) |
Blocked | Blocked | Blocked | Blocked |
| SQLi | /**/OR/**/'1'='1 (Inline Comments) |
Blocked | Blocked | Blocked | Blocked |
| XSS | <script>alert(1)</script> (Direct Script) |
Reached App | Reached App | Blocked | Blocked |
| XSS | <img src=x onerror=alert(1)> (Event Handler) |
Reached App | Reached App | Blocked | Blocked |
| CMD | 127.0.0.1 && whoami (Operator Chaining) |
Blocked | Blocked | Blocked | Blocked |
| CMD | 127.0.0.1%257C uname -a (Double Encoded Pipe) |
Blocked | Reached App | Blocked | Reached App |
%257C bypass mid-tier settings because the character is only fully revealed after the second decoding pass, changing how its anomaly score builds up.Rigorous, hands-on master's level development within an official Academic Centre of Excellence for Cyber Security Research. Core module coursework and engineering competencies include:
Completed a four-year professional engineering degree covering hardware logic circuits, hardware-level programming, network hardware interfaces, and digital logic layouts.
Training: CompTIA Security+ — Course Training Completed