Threat Researcher focused on monitoring and analyzing a wide spectrum of sources using HUMINT, SOCMINT, and OSINT, and producing finished threat intelligence.
Apurv Singh Gautam is a Cybercrime Researcher working as a Sr. Threat Research Analyst at Cyble. He focuses on monitoring and analyzing a wide spectrum of sources, creating automated tools, and performing threat investigations using HUMINT, SOCMINT, and OSINT, and on producing threat intelligence from that work.
Apurv has contributed to the SANS Institute's latest course, FOR589 on Cybercrime Intelligence, and is a contributing member of Curated Intel. He has delivered talks and workshops at national and international conferences such as the SANS OSINT Summit, SANS Cyber Defense Forum, DEF CON Blue Team Village, BSides Singapore, RootCon, and others. Apurv has been featured on major podcasts such as ITSPMagazine and Tech Talks with Singh. He is passionate about giving back to the community and helping others get into this field, and has delivered many talks and workshops in schools and colleges. He loves volunteering with StationX to help students navigate into cybersecurity. In the past, he has also volunteered as a darknet researcher with the CTI League and the EBCS Darknet Analysis group. He holds a master's degree in Information Security from the Georgia Institute of Technology, USA.
He looks forward to the end of the day, when he plays and streams one of the AAA games, Rainbow 6 Siege.
Georgia Tech Unveiled: Tales of Admission Triumphs | Conversations with a Current Student & an Alum
The Recession Proof Tech Job in 2024 - Meet CyberSecurity Hacker!
Meet Cyber Security Engineers! Ft. Google & Cyble Engineers!!
Career, Scope, And Future of Cybersecurity! Job Roles in Cybersecurity! Ft. Apurv
How to do Masters in USA Under $5000 - Ft. Apurv | How to get Funding for Education in America
304 In GRE: Georgia Tech & 4 Other Top Admits: Get Apurv's Strategy
Automating Threat Hunting on the Dark Web and other nitty-gritty things
All about Cyber Security - From the Perspective of an MS Student
2-Day Seminar on Cybersecurity Fundamentals
Sr. Threat Research Analyst
Austin, USA
(Apr 2023 - Current)
Threat Researcher
Austin, USA
(Jul 2021 - Mar 2023)
Security Analyst
Atlanta, USA
(Sept 2020 - Mar 2021)
Security Research Intern
Berkeley, USA
(May 2020 - Jul 2020)
Security Researcher
Pune, India
(May 2018 - May 2019)
M.S. in Cybersecurity
B.TECH in Information Technology
The exponential growth in data and technology has brought with it the prospect of progressively more destructive cyber-attacks. Traditional security controls struggle to match the intricacy of cybercriminal tools and methods, so organizations have shifted towards Threat Intelligence: evidence-based knowledge, including context, mechanisms, indicators, implications, and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject's response to that menace or hazard. Among the various platforms for threat intelligence (TI), hacker forums deliver rich metadata and thousands of Tools, Techniques, and Procedures (TTP). Today, many public and commercial sources distribute dark web threat intelligence data feeds to support this purpose. However, our understanding of this data, its characterization, and the extent to which it can meaningfully support its intended uses is still quite limited. This research addresses these gaps by defining a set of metrics for characterizing dark web threat intelligence data feeds. Similar metric-based research has been done for structured data, but there is no prior work for free-form text. Our measurement results give consumers grounding for the purchase and optimal use of dark web threat intelligence data feeds.
The exponential growth in data and technology has brought with it the prospect of progressively more destructive cyber-attacks. Traditional security controls are struggling to match the intricacy of cybercriminal tools and methods, and organizations are now looking for better approaches to strengthen their cybersecurity capabilities. Real-time Cyber Threat Intelligence (CTI) is one such proactive approach, ensuring that deployed appliances, security solutions, and strategies are continually evaluated and optimized. Among the various platforms for threat intelligence, hacker forums deliver rich metadata and thousands of Tools, Techniques, and Procedures (TTP). This research paper employs machine learning and deep learning approaches using neural networks to automatically classify hacker forum data into predefined categories and develops interactive visualizations that enable CTI practitioners to probe the collected data for proactive and timely CTI. The results show that, among all the models evaluated, the deep learning model RNN GRU gives the best classification results, with 99.025% accuracy and 96.56% precision.
This chapter explains cybercrime, recent trends in cybercrime, and the measures by which these cybercrimes can be eliminated to a considerable extent. The authors discuss various emerging cybercrime techniques, including steganography, next-generation malware, next-generation ransomware, social engineering attacks, and attacks using machine learning and IoT devices. This chapter is published as Chapter 10 of the book Handbook of e-Business Security.
For more projects, check out my GitHub.
This is a research project that takes the top-1-million domain lists from three data sources, namely Majestic, Alexa, and Tranco, applies a set of security metrics to them, and visualizes the results of that analysis along with a summary of the change in domain popularity over 30 days. The project also provides a tool to enumerate subdomains efficiently without compromising on the quality of the results.
A reverse shell over HTTP (which evades deep packet inspection), written in Python 3 with no external dependencies.
This is a threat hunting tool built on Flask. It scrapes IOCs, including IP addresses, hashes, and email addresses, from Pastebin's latest pastes. It uses Elasticsearch as the database to store the scraped data and Kibana to visualize the data held in Elasticsearch.
This is a web scraping application built on Flask. It scrapes forum posts from the Bitshacking hacking forum. It uses Elasticsearch as the database to store the forum data and Kibana to visualize the data held in Elasticsearch.