Bio

I'm a Master's student in Cybersecurity at Georgia Tech, working with Prof. Paul Pearce. I am focused on darknet and darkweb research, creating automated tools to collect data and perform threat investigations by utilizing HUMINT, SOCMINT, and OSINT.

I am currently working as a Head Teaching Assistant for CS 4235/6035 Intro to Information Security. I am volunteering as a Darknet researcher at the EBCS Darknet Analysis group. My work revolves around creating automated scrapers to collect data from the dark web forums/marketplaces, analyze and store the data into a database, collect new onion domains, and investigate new threats and threat groups on forums. I am also volunteering as a Darknet researcher at CTI League and as a Teaching Assistant at StationX.

Previously, I worked as a Security Intern at IZon Group LLC, focusing on threat intelligence, dark web analysis, and investigating new threats and threat groups related to different sectors.

During the Summer of 2020, I worked as a Security Research Intern at ICSI, UC Berkeley. I performed novel research on Threat Intelligence related to dark web data from forums and marketplaces.

During my first semester at Georgia Tech, I worked with Prof. Maria Konte and Gaurav Pande on a research project. It utilizes different threat intelligence feeds to assess network reputation and to detect and mitigate volumetric anomalies using Machine Learning analysis in Python.

Previously, I worked as a Security Research Intern at Volon Cyber Security Pvt. Ltd. with Rahul Binjve, focusing on threat intelligence, threat hunting on dark web data, and designing data collection systems for the same.

During my undergrad at Symbiosis Institute of Technology, I worked on a research project with Prof. Pooja Kamat and Yamini Gahlot titled Hacker Forum Exploit and Classification for Proactive Cyber Threat Intelligence. It utilizes hacker forum data for proactive cyber threat intelligence. I further wrote a research paper that I presented at ICICT Conference proceedings hosted by RVS Technical Campus, Coimbatore, Tamil Nadu, India. It was published in Springer Lecture Notes in Networks and Systems, Volume 98.

I also wrote a research chapter with Prof. Pooja Kamat, "Recent Trends in the Era of Cybercrime and the Measures to Control Them," which was published as Chapter 10 of the book Handbook of e-Business Security by CRC Press (Taylor and Francis Group).

I occasionally play CTFs and am learning many new things in the cybersecurity domain every day. I am passionate about giving back to the community and helping others get into this field. I have delivered talks at SANS OSINT Summit, SANS Cyber Defense Forum, BSides Toronto, Grayhat Blue Team Village, DEFCON Red Team Village, The Diana Initiative, and a few other conferences. Apart from this, I have also delivered many talks and seminars in security meetups (Null Pune), colleges, and schools. I love attending security conferences and have attended Hakon Indore, BSides Delhi, BSides Tampa, BSides Atlanta, Nullcon Goa, and many others. I like playing games, and I mostly play and stream Rainbow 6 Siege. I love nature and hiking.

Projects

Crawling and Analyzing Top 1 Million Domains

This is a research project that uses the top 1 million list of domains from three data sources, namely Majestic, Alexa, and Tranco, to apply a set of security metrics and visualize the results of that analysis along with a summary of the change in popularity of domains for 30 days. The project also provides a tool to enumerate sub-domains efficiently, without compromising on quality results.


Assess network reputation through multiple threat intelligence data feeds

This is a research project that utilizes multiple threat intelligence feeds to assess network reputation and to detect and mitigate volumetric anomalies using Machine Learning analysis in Python. It utilizes PARAFAC tensor decomposition to decompose higher-order tensors into order-1 tensors.
Supervising Faculty - Prof. Maria Konte


PastebinScrapy

This is a Threat Hunting tool built on Flask. This tool scrapes IOCs, including IP addresses, hashes, and emails from Pastebin's latest pastes. It uses Elasticsearch as the database to store the forum data and Kibana for visualizing data from Elasticsearch.


ForumScrapy

This is a Web Scraping application built on Flask. This web application scrapes forum posts from the Bitshacking hack forum. It uses Elasticsearch as the database to store the forum data, and Kibana is used for visualizing data from Elasticsearch.


webhose.io Portal

This is a web application built on Flask. It utilizes webhose.io API to fetch the JSON data from News, Blog, Online Discussions, Online Reviews, Broadcast, and Dark Web filters and visualizes it.

You can see more projects on my GitHub Page.

Publications

Hacker Forum Exploit and Classification for Proactive Cyber Threat Intelligence

The exponential growth in data and technology has brought in prospects for progressively destructive cyber-attacks. Traditional security controls are struggling to match with the intricacy of cybercriminal tools and methods, and organizations are now looking for better approaches to strengthen their cybersecurity capabilities. Cyber Threat Intelligence (CTI) in real-time is one such proactive approach that ensures that deployed appliances, security solutions, and strategies are continually evaluated or optimized. Amongst various platforms for threat intelligence, hacker forums deliver rich metadata, and thousands of Tools, Techniques, and Procedures (TTP). This research paper employs machine learning and deep learning approach using neural networks to automatically classify hacker forum data into predefined categories and develop interactive visualizations that enable CTI practitioners to probe collected data for proactive and timely CTI. The results from this research show that among all the models, deep learning model RNN GRU gives the best classification results with 99.025% accuracy and 96.56% precision.


Recent Trends in the Era of Cybercrime and the Measures to Control Them

This chapter illustrates the understanding of cybercrime, recent trends in cybercrime, and the measures by which these cybercrimes can be eliminated to a considerable extent. The authors discuss various emerging cybercrime techniques, including steganography, next-generation malware, next-generation ransomware, social engineering attacks, and attacks using machine learning and IoT devices. This chapter is published as Chapter 10 in the book Handbook of e-Business Security.

Talks/Seminars

SANS Open-Source Intelligence Summit - OSINT Tools for Diving Deep into the Dark Web [Slides] [YouTube Video] - Feb 2021

I presented a talk at SANS OSINT Summit on OSINT tools for researching on the dark web. I talked about why we should focus on the dark web, 4 different tool categories (search engine, getting onion links, scanning tools, and crawling tools), etc.


BSides Philly - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Dec 2020

I presented a talk at BSides Philly on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, automating threat hunting, threat intelligence lifecycle, etc.


BSides DFW - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Nov 2020

I presented a talk at BSides DFW on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, automating threat hunting, threat intelligence lifecycle, etc.


Grayhat Blue Team Village - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Oct 2020

I presented a talk at Grayhat conference in the Blue Team Village on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, automating threat hunting, threat intelligence lifecycle, etc.


BSides Toronto - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] - Oct 2020

I presented a talk at BSides Toronto conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, automating threat hunting, threat intelligence lifecycle, etc.


RootCon - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Oct 2020

I presented a talk at RootCon conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, automating threat hunting, threat intelligence lifecycle, etc.


SANS Cyber Defense Forum - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Oct 2020

I presented a talk at SANS Cyber Defense Forum conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, and automating threat hunting.


BSides Singapore - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Sept 2020

I presented a talk at BSides Singapore conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, automating threat hunting, threat intelligence lifecycle, etc.


The Diana Initiative - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Aug 2020

I presented a talk at The Diana Initiative conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, automating threat hunting, threat intelligence lifecycle, etc.


DEFCON 28 Red Team Village - Automating Threat Hunting on the Dark Web and other nitty-gritty things [Slides] [YouTube Video] - Aug 2020

I presented a talk at the DEFCON 28 Red Team Village conference on Automating Threat Hunting on the Dark Web and other nitty-gritty things. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, automating threat hunting, threat intelligence lifecycle, etc.


GRIMMCon 0x2 - Threat Hunting on the Dark Web [Slides] [YouTube Video] - Jul 2020

I presented a talk at the GRIMMCon 0x2 conference on Threat Hunting on the Dark Web. I talked about hunting on the dark web, and tools used, human element while hunting, opsec, etc.


Career, Scope, and Future of CYBERSECURITY! Job Roles in Cybersecurity! Ft. Apurv [YouTube Video] - Jul 2020

YudiJ and I talk about cybersecurity, careers in cybersecurity, some of the misconceptions about studying cybersecurity in the US, how to build your profile in cybersecurity, and what my day-to-day life looks like studying and working in cybersecurity.


How To Do Masters In USA under $5000 - Ft. Apurv | How To Get Funding For Education in America [YouTube Video] - Jun 2020

YudiJ and I talked about my journey from India to the USA for a master's in cybersecurity. We talked about my profile (GRE, TOEFL, GPA, etc.), how many admits I got, why I chose Georgia Tech, fees of Georgia Tech, living costs, on-campus jobs, how I got a TA offer, and what kind of work I do as a TA.


304 in GRE: Georgia Tech & 4 other top Admits: Get Apurv's strategy - GREedge Guest Seminar [Seminar] - Oct 2019

I was invited by GREedge to deliver this seminar Live from Georgia Tech. I presented it to around 250 MS aspirants that registered for the GREedge Guest Seminar. I talked about my profile, how to apply for MS, how to prepare for GRE, TOEFL, and how to build your profile, projects, research papers, internships, jobs, etc.


All about Cyber Security - From the perspective of an MS student [Slides] - Apr 2019

I was invited to present this seminar to Cyber Security Certification batch students at Symbiosis Institute of Technology, Pune. I talked about how to enter into cybersecurity, why cybersecurity is a right field, how to prepare for MS, how to make a good profile in cybersecurity, and my projects in cybersecurity.


Seminar on Cyber Security - SIT Pune Summer School [Slides] - Jun 2018

I was invited to present this seminar to high school students that visited Symbiosis Institute of Technology, Pune, as a part of their Summer School program. I talked about cybersecurity, cybercrime, how to be safe online, and different online safety tips.


LogOut Cyber Awareness Seminar - MIT Pune [Slides] - Feb 2018

I presented this seminar to 3rd and 4th-year students of Maharashtra Institute of Technology, Pune. It was a part of Cyber Awareness seminars by the LogOut group during Cyber Awareness month. I talked about cybersecurity awareness, cybercrime, cyber laws, and how to be secure online.


Talk on Bitcoin Forensics - Null Pune [Slides] - Jan 2018

I delivered this talk at the Null Pune chapter. I talked about how to conduct forensics on Bitcoins and Blockchains.


Talk on OSINT - Null Pune [Slides] - Nov 2017

I delivered this talk at the Null Pune chapter. I talked about different OSINT techniques and online resources that one can use while performing OSINT.


Talk on Network VAPT - Null Pune [Slides] - Oct 2017

I delivered this talk at the Null Pune chapter. I talked about steps in Network VAPT and practically demonstrated performing VAPT on a VulnHub machine.


Talk on trending cybersecurity news - Null Pune [Slides] - Sept 2017

I delivered this talk at the Null Pune chapter. I talked about trending news related to cybersecurity.


Seminar on Cyber Security Fundamentals - SIT Pune [Slides] - Jul 2017

I presented this seminar to 2nd-year Computer Science and Information Technology students of Symbiosis Institute of Technology, Pune. I talked about the fundamentals of networking and cybersecurity and practically demonstrated how to create a RAT trojan.


2-day Seminar on Cyber Security Fundamentals - TAIS Varanasi [Day1 Slides],[Day2 Slides] - Jul 2017

I was invited to present a 2-day seminar to 11th and 12th-grade students at The Aryan International School, Varanasi. I talked about the fundamentals of networking and cybersecurity.