Research & Publications

My contributions to Cyber Security and technology research

Research Projects

Research on Cloud Security

Department of Chanakya University

2023-2024

Flaws.Cloud: Explored vulnerabilities in cloud security and devised mitigation techniques using AWS CLI commands.

Research on Database Forensic Investigation

Department of Chanakya University

2023-2024

Collaborated with a research team to explore database forensic investigation methodologies. Conducted experiments on Oracle databases and gained practical insights into real-world forensic scenarios. Delivered a seminar on findings and shared knowledge with peers and faculty.

Research on Cyber Security

Department of Chanakya University

2023-2024

Analyzed vulnerabilities in the Cosmos Bank attack and presented causes and mitigation strategies.

Write-ups & Blogs

View All
CTF Write-up Security

CloudSek Hiring CTF - Round 2

December 2025

Comprehensive write-up covering four security challenges: NITRO automation, XXE injection, PHP type confusion in MFA, and Android APK reverse engineering with JWT forgery.

XXE JWT Type Confusion Mobile Security
Read Full Article
CTF Write-up SSTI

Boot Sequence - CloudSek Hiring CTF

December 2025

Deep dive into exploiting an orbital relay system through JWT forgery, privilege escalation, and Server-Side Template Injection leading to Remote Code Execution.

SSTI JWT Cracking RCE Jinja2
Read Full Article
CTF Write-up Web Security

Fool's Mate — Client-Side Validation Bypass

2025

A chess web app blocks the winning move using client-side JavaScript. By intercepting browser fetch calls and communicating with the API directly, the UI restriction is bypassed entirely and the flag extracted.

Client-Side Bypass Fetch API JavaScript
Read on Medium
CTF Write-up Web Security

Fool's Mate Revenge — Query String Injection

2025

Same puzzle, harder gate. The server withholds the flag behind a session property check. After ruling out mass assignment and prototype pollution, a query string parameter injected into the move endpoint unlocks the reward.

Query Injection Session Bypass Mass Assignment
Read on Medium
Security Research

Cookie Headers

2025

An exploration of HTTP cookie header fields—how they work and best practices for secure session implementation.

HTTP Cookies Session Security
Read on Medium
Security Research Mobile

How to Capture Mobile Traffic

2025

A guide on intercepting and analyzing mobile app network requests using tools like Burp Suite.

Burp Suite Traffic Analysis Mobile Security
Read on Medium
Security Research Android

Android Debug Bridge

2025

A walkthrough of using Android Debug Bridge shell commands to access and control Android devices for debugging and development.

ADB Android Shell Commands
Read on Medium

Research Interests

Cloud Security

Web Application Security

Mobile Security

Database Forensics

IoT Security

ML Security

Research Impact

My research focuses on practical cyber secrurity solutions and knowledge dissemination through academic publications and technical articles.

3+
Research Projects
4+
Published Articles
2+
Years Research
100+
Citations