Detection Engineering · Cloud Security · AppSec · Pentesting
A cybersecurity engineer who likes to build, break, and defend systems end to end.
I work across detection engineering, cloud security, and application security. That covers standing up a SIEM and writing custom detection rules mapped to MITRE ATT&CK, deploying and hardening Linux servers and AWS infrastructure, and manual web app pentesting with Burp Suite. I like the full loop: simulating an attack, watching what fires (and what doesn't), and closing the gap honestly.
I'm pursuing an MS in Cybersecurity at Northeastern's Khoury College, and previously spent two years as a Software Engineer building encrypted government APIs, deploying self-hosted infrastructure, and hardening systems with Python and Bash automation. Lately I've been exploring the security of LLM deployments: prompt injection, data leakage, and the OWASP LLM Top 10. I write up what I learn on my blog and stay sharp through CTFs, Hack The Box, and bug bounty.
Configured a Wazuh SIEM end to end: dashboards, detection rules, alert thresholds, and log analysis. Built a digital-envelope API for Indian Customs using hybrid encryption (AES + RSA) with certificate validation to exchange government shipment data. Deployed and configured AWS infrastructure (VPCs, security groups, RDS, site-to-site VPN, IoT Core), hardened Linux servers with Python/Bash automation for firewall rules and access controls, and stood up self-hosted CI/CD, version control, and password-management platforms. Also handled on-site physical security installs: IP cameras, network switches, and IoT readers.
Manual web application penetration testing with Burp Suite, Metasploit, and SQLmap. Discovered authentication bypass, IDOR, XSS, and injection flaws, wrote vulnerability reports with remediation recommendations, and retested patched systems to confirm fixes.
Maps how mergers and acquisitions expand attack surface (parent → subsidiaries → domains → cloud assets → vendors) with automated risk scoring. Pulls subsidiary lists from SEC EDGAR (Exhibit 21), propagates risk upward via Cypher traversals, detects attack paths, and renders it all in interactive D3.js dashboards. One-command Docker deploy.
A 3-VM isolated lab (Kali attacker, Windows + Sysmon victim, Ubuntu Wazuh manager). Simulated SMB brute force, scheduled-task persistence, Mimikatz credential dumping, and LLMNR poisoning, and wrote custom detection rules mapped to MITRE ATT&CK. Documented a real host-level detection gap for LLMNR poisoning rather than hiding it.
Self-hosted LLM agent on personal infrastructure, reached over zero-trust remote access with no port forwarding. Automates bug bounty report curation into a daily Discord digest, turns synced notes into spaced-repetition quizzes, and runs a CTF practice pipeline into a local CTFd instance. Researched prompt injection and data leakage risks along the way.
A Python framework for external attack surface reconnaissance (subdomain enumeration, port scanning, screenshotting, and Nuclei vulnerability scanning) with automated alerting when newly exposed assets appear.
DHS final research paper analyzing SCADA/OT vulnerabilities and IT/OT convergence risk across critical infrastructure. Modeled cascading-failure scenarios against threat vectors and prioritized mitigations, aligned to NIST CSF and NIST SP 800-82.
I write up what I learn on my blog, and keep my hands dirty on Hack The Box, TryHackMe, OverTheWire, PortSwigger's Web Security Academy, and CTF competitions across web exploitation, reverse engineering, and forensics.
Hands-on offensive practice: boxes and challenges across web, post-exploitation, and privilege escalation.
Guided rooms and learning paths covering offensive and defensive security fundamentals.
Completed learning path covering web app, network, and privilege-escalation pentesting methodology.
Practical bug-hunting training. Also: C and C++ training from IIT Bombay.