About Me
The story behind the terminal.
Hello, I'm Nikhil
Software developer turned security practitioner: I see every system as a puzzle that deserves to be understood from the inside out.
I spent two and a half years in industry: first as an IT Officer at JK Cement building access-controlled automation systems, then as a Software Developer at Experis IT embedded with Dell Technologies, where I hardened CI/CD pipelines with automated SAST scanning and migrated ML monoliths to secure microservices.
That developer background is now my superpower in security. Knowing how systems are architected (their trust assumptions, their deployment patterns, their API boundaries) helps me think like an attacker with the precision of an engineer.
I'm now pursuing a Master's in Information Technology with a Cyber Security major at UNSW Sydney, where I'm going deep on offensive security: binary exploitation, wireless attack simulation, and web application pentesting.
Outside the lab, you'll find me on HackTheBox, building custom fuzzers, or reverse engineering ELF binaries with pwndbg.
Current Focus
Offensive security, binary exploitation, and wireless security at UNSW
Industry Background
2.5 years at Dell Technologies (via Experis IT) and JK Cement
Location
Based in Sydney, Australia. Open to remote work globally.
Interests
CTF challenges, hardware hacking, automotive security, firmware analysis
What I Do
Penetration Testing
Web application pentesting covering the full OWASP Top 10. Experienced with Burp Suite, DVWA, and HackTheBox. Produce structured findings reports with PoC and remediation guidance.
- SQL Injection & XSS
- IDOR & SSRF
- Authentication Bypass
- Burp Suite Professional
Binary Exploitation
Low-level memory corruption research including heap UAF, buffer overflows, and shellcode development. Built a custom black-box fuzzer for 64-bit Linux ELF binaries.
- Heap & Stack Exploitation
- Custom Fuzzer Engineering
- pwndbg & GDB
- ELF Binary Analysis
Wireless Security
Hardware-based wireless lab experience with Evil Twin simulation, WPA2 handshake capture, and deauthentication attacks. Deep 802.11 protocol knowledge.
- Evil Twin Attacks
- WPA2 Handshake Capture
- Deauth Attack Analysis
- Aircrack-ng & Scapy
DevSecOps
Embedded security into GitLab CI/CD pipelines at scale. SAST, dependency scanning, microservices security architecture, and token-based authentication systems.
- SAST & Dependency Scanning
- GitLab CI/CD Security Gates
- Docker & Kubernetes
- Microservices IAM
When I'm Offline
Built a custom ELF fuzzer that found real memory corruption bugs in test binaries
Set up a physical wireless attack lab at home with Raspberry Pi hardware
Built a custom CVE scanner that cross-references installed packages against NVD feeds
Transitioned from developer to security practitioner, still code every day