Pavitra Jha

Offensive security researcher focused on browser, Android, and Linux kernel security with emphasis on real-world exploitability and system-level vulnerability research.

17 years old. Security research since age 9. Work spans execution engines, kernel attack surfaces, sandbox boundaries, and privilege escalation paths in production systems.

Technical Capability

Browser Security: V8 internals, JIT pipelines, memory corruption primitives, exploitation techniques under modern mitigations
Android Security: framework attack surfaces, Binder IPC, SELinux policy, kernel interaction paths
Linux Kernel Security: driver flaws, race conditions, memory safety issues, analysis of upstream fixes
Sandbox & Mitigations: ASLR, KASLR, CFG, CFI, PAC, sandbox escape conditions
Reverse Engineering: ARM64, x86, x64 across Windows, Linux, Android
Fuzzing: structured fuzzing, crash triage, exploitability validation, harness design
Source Audit: large-scale code review and architecture-level vulnerability discovery

Research Approach

Selected Public Record

Linux Kernel Security Contributions
Security-related kernel work involving driver-level issues, memory safety fixes, and upstream patch discussions across Linux subsystems.
lore.kernel.org
Philips Healthcare Security Vulnerability (Image Management System 15.1)
Buffer overflow vulnerability discovered in Philips Image Management System 15.1 used in healthcare environments. The issue allowed memory corruption conditions in a processing component, requiring coordinated disclosure through Philips Product Security and resulting in inclusion in their Hall of Honors program.
Philips Hall of Honors
Oracle Security Issue (XSS via V8 Internal Behavior in Web Context)
Cross-site scripting vulnerability triggered through unexpected behavior in V8 engine internal mechanisms when executed within Oracle’s web infrastructure context. The issue was tied to JavaScript engine internals and unsafe execution assumptions in higher-level application logic, reported through Oracle’s coordinated security disclosure program.
Oracle CPU Advisory
Conference Research: Prototype Pollution and ReDoS
Research presentation covering prototype pollution exploitation patterns in JavaScript applications and regular expression denial-of-service conditions in real-world web systems.
Conference Post
Nullcon Goa 2023 Scholarship
Selected as a scholarship recipient at Nullcon Goa 2023 for security research contributions and participation in offensive security and systems research discussions.
Nullcon Post
Podcast: Hackers Behind the Code
Technical podcast discussing offensive security research methodology, vulnerability discovery process, and real-world exploitation workflows.
Spotify Episode
Interview: XSS Rat (Technical Discussion)
Long-form technical discussion covering exploitation approaches, vulnerability research workflow, and offensive security engineering perspectives.
YouTube Video

Research Blog

Upcoming technical write-ups focused on kernel exploitation, driver-level memory corruption, and system-level vulnerability analysis across real-world attack surfaces.

One Oracle, 15 Million Organizations: Inside the Google Workspace Authentication Flaw
Coming Soon
Unchecked Modem Input: OOB Read in the Linux Kernel t7xx WWAN Driver
Read Writeup
wIndex Out of Bounds: Host-Controlled Memory Corruption in the MAX3420 UDC Driver
Read Writeup
One Cable, Three Bugs: Slab OOB in the Linux FOTG210 USB Device Controller
Read Writeup

Recognition

Confidential Work Statement

A substantial portion of offensive security research is conducted under NDA or exists as upstream remediation across production systems. Public disclosures represent only a subset of total research scope.

Contact

Email: jhapavitra98@gmail.com

LinkedIn: linkedin.com/in/cybersherlock