root@nikhil:~$ _

About Me

The story behind the terminal.

Hello, I'm Nikhil 👋

Software developer turned security practitioner — I see every system as a puzzle that deserves to be understood from the inside out.

I spent two and a half years in industry — first as an IT Officer at JK Cement building access-controlled automation systems, then as a Software Developer at Experis IT embedded with Dell Technologies, where I hardened CI/CD pipelines with automated SAST scanning and migrated ML monoliths to secure microservices.

That developer background is now my superpower in security. Knowing how systems are architected — their trust assumptions, their deployment patterns, their API boundaries — helps me think like an attacker with the precision of an engineer.

I'm now pursuing a Master's in Information Technology with a Cyber Security major at UNSW Sydney, where I'm going deep on offensive security: binary exploitation, wireless attack simulation, and web application pentesting.

Outside the lab, you'll find me on HackTheBox, building custom fuzzers, or reverse engineering ELF binaries with pwndbg.

Current Focus

Offensive security, binary exploitation, and wireless security at UNSW

Industry Background

2.5 years at Dell Technologies (via Experis IT) and JK Cement

Location

Based in Sydney, Australia 🇦🇺. Open to remote work globally.

Interests

CTF challenges, hardware hacking, automotive security, firmware analysis

What I Do

Penetration Testing

Web application pentesting covering the full OWASP Top 10. Experienced with Burp Suite, DVWA, and HackTheBox. Produce structured findings reports with PoC and remediation guidance.

  • SQL Injection & XSS
  • IDOR & SSRF
  • Authentication Bypass
  • Burp Suite Professional

Binary Exploitation

Low-level memory corruption research including heap UAF, buffer overflows, and shellcode development. Built a custom black-box fuzzer for 64-bit Linux ELF binaries.

  • Heap & Stack Exploitation
  • Custom Fuzzer Engineering
  • pwndbg & GDB
  • ELF Binary Analysis

Wireless Security

Hardware-based wireless lab experience with Evil Twin simulation, WPA2 handshake capture, and deauthentication attacks. Deep 802.11 protocol knowledge.

  • Evil Twin Attacks
  • WPA2 Handshake Capture
  • Deauth Attack Analysis
  • Aircrack-ng & Scapy

DevSecOps

Embedded security into GitLab CI/CD pipelines at scale. SAST, dependency scanning, microservices security architecture, and token-based authentication systems.

  • SAST & Dependency Scanning
  • GitLab CI/CD Security Gates
  • Docker & Kubernetes
  • Microservices IAM

When I'm Offline

CTF competitions on HackTheBox and TryHackMe
Hardware hacking — Raspberry Pi projects and IoT security research
Reading security research papers and reverse engineering write-ups
Building automation tools and custom security scripts in Python
🎯

Built a custom ELF fuzzer that found real memory corruption bugs in test binaries

📡

Set up a physical wireless attack lab at home with Raspberry Pi hardware

Built a custom CVE scanner that cross-references installed packages against NVD feeds

🔒

Transitioned from developer to security practitioner — still code every day