Joondalup Innovation Challenge 2024
Entrepreneurship challenge where my team and I designed an AI-integrated business model to minimise traffic congestion in the City of Joondalup.
Cybersecurity Graduate | DFIR • Incident Response • Penetration Testing • Malware Analysis • Blue Team • Red Team
I’m a passionate Cyber Security undergraduate at Edith Cowan University (Joondalup), specialising in digital forensics, malware analysis, and incident detection. My studies and projects have strengthened my ability to investigate complex cyber incidents, analyse malicious software, and design defensive strategies using tools such as Autopsy, Ghidra, Wireshark, and the ELK Stack. Beyond technical expertise, I value critical thinking, teamwork, and ethical decision-making, which I’ve developed through numerous hands-on projects such as the Spyware Analysis Toolkit and the Joondalup Innovation Challenge 2024. I enjoy bridging technical precision with real-world application — whether it’s tracing malware behaviour, correlating network logs, or building a practical toolkit for forensic analysts. I’m continuously expanding my skills toward contributing to the safeguarding of the digital world, driven by curiosity, discipline, and a commitment to making the digital world safer.
Led a group project of five people in which we created a Spyware Analysis Toolkit consisting of 26 tools capable of analysing all the different kinds of spyware from different spyware families, built on different architectures and targeting different operating systems.
Completed two major digital forensic case investigations involving the development of forensic investigation plans and the analysis of forensic disk images to identify illegal content and ransomware-related activity, and documented all artefacts and issues in a professional report along with a running sheet.
Completed a series of practical ethical hacking assessments involving real-world penetration testing workflows, OSINT, vulnerability scanning, service enumeration, exploitation, password cracking, and privilege escalation. Delivered a recorded penetration testing demonstration and a full industry-standard penetration testing report. The project included attacking a vulnerable VM, gaining user and root access, uncovering multiple flags, analysing misconfigurations, and recommending mitigation strategies. Work included both theoretical analysis of ethical/legal implications and hands-on execution of black-box penetration testing using professional tools and methodologies.
Analysed enterprise cybersecurity frameworks (NIST CSF vs ISO 27001), delivered a management-level video briefing, investigated a ransomware-based community education breach, identified technical & governance failures, and recommended sustainable security controls aligned with NIST & ISO standards. Completed a full governance portfolio outlining personnel security, policy development, risk analysis, and asset protection practices.
Analysed a 200,000-record honeypot cyberattack dataset (WACY-COM) by performing structured data cleaning, exploratory data analysis, PCA, and supervised machine learning modelling. Delivered a PCA video presentation interpreting principal components, key loadings, and visual separability of APT vs non-APT attackers. Trained and tuned three supervised ML models using repeated cross-validation, optimised hyperparameters, and evaluated model performance on a hold-out test set using sensitivity, specificity, and accuracy. Recommended the strongest model using evidence-based performance metrics and clear visualisations.
Implemented and operated an ELK-based monitoring stack in Docker, restored honeypot snapshots, and analysed multi-source security logs within an Azure VM. Investigated T-Pot honeypot data using Kibana Discover and custom dashboards to identify attack origins, trends, and techniques. In a final incident case study, correlated Winlogbeat, Auditbeat, Filebeat, and Packetbeat logs to reconstruct a multi-stage intrusion involving brute-force SSH, LOLBins abuse, and malware activity (e.g. LummaStealer), mapped events to the Cyber Kill Chain and MITRE ATT&CK, and recommended concrete tools and countermeasures for future detection and prevention.
Completed two major hands-on security assignments. The first involved analysing the Latitude Financial data breach, where I examined the sequence of events, identified exploited vulnerabilities, evaluated the organisation’s response, and delivered risk-aligned recommendations across technical, social, and regulatory domains. The second assignment was a full secure network configuration and monitoring implementation, where I deployed and hardened an Ubuntu-based server environment. This included configuring OpenSSH with MFA, implementing a Cowrie honeypot, enforcing strict iptables firewall rules, conducting logging and monitoring, and evaluating the system’s security posture through port scanning and weakness identification.
Completed a series of advanced malware analysis projects focused on static analysis, dynamic analysis, reverse engineering, and modern ransomware detection research. My work included evaluating static and dynamic analysis tools, conducting in-depth reverse engineering on a live malware sample, analysing its architecture, behavioural patterns, and persistence mechanisms, and developing YARA/Sigma-style detection rules. I also produced a 1500-word white paper reviewing state-of-the-art ransomware detection techniques—covering heuristic, behavioural, sandbox/cloud, ML/AI, and anomaly-based detection—and presented findings through a technical security briefing.
Designed and implemented multiple cryptographic systems, applying both foundational and modern cryptographic principles. My work included building custom encryption and decryption algorithms in Excel and Python, evaluating their security properties, and demonstrating practical knowledge of symmetric encryption, asymmetric encryption, hashing, message authentication, and digital signatures. I also produced a technical report proposing a new hybrid cryptosystem for securing ECU’s internal web traffic, comparing it against TLS and analysing its structural components, security guarantees, and potential vulnerabilities. Additionally, I conducted structured cryptanalysis tasks, evaluated cipher weaknesses, implemented classical and modern ciphers, and performed hands-on encryption workflows that model real-world secure communication systems.
Developed practical automation solutions using Bash scripting to process data, analyse text, and transform log files into structured formats. My work included building an interactive character-parsing script that validated input, analysed allowed and disallowed characters, and generated structured output (see script: parsechars.sh). I then created a log-processing tool that converted a four-column web log into a six-column formatted dataset using regex, pattern matching, and stream editing with sed (logparser.sh). Finally, I designed an advanced command-line log analysis utility with support for flags (-s, -d, -z), dynamic searching, CSV validation, output generation, and optional ZIP creation (logparserpro.sh).
Completed industry-aligned security management projects focused on risk assessment, governance, compliance, and executive decision-making. I analysed the Optus data breach, identifying root causes, impacts on the CIA triad, and legal and ethical implications under Australian privacy legislation, and provided management-level recommendations. I also contributed to an enterprise security improvement program, performing asset identification, weighted risk analysis, policy development, budgeting, and implementation planning aligned with ISO 27001, NIST SP 800-53, and the Australian ISM. Additionally, I designed a Splunk SIEM dashboard using the BOTSv3 dataset to help non-technical stakeholders monitor security policy compliance through clear, actionable visualisations.
Completed applied security assessments focused on protecting IoT and Operational Technology (OT) systems within critical infrastructure environments. I designed and secured an MQTT-based IoT architecture for a port authority scenario, configuring publisher–broker–subscriber communication across multiple virtual machines, analysing network traffic, and detecting malicious activity using IDS monitoring. This included performing a False Data Injection (FDI) attack against an unsecured MQTT broker, evaluating its impact, and implementing authentication and additional security controls to mitigate the attack. I also conducted an OT security risk assessment for a port conveyor belt system controlled by PLCs, identifying known CVEs, modelling attack paths using an attack tree, and evaluating the risks of integrating OT networks with enterprise IT systems. My analysis applied the Purdue Model to assess network segmentation and challenged vendor recommendations from a cybersecurity perspective.
Designed and implemented a complete relational database system from requirements analysis through to physical implementation. My work involved analysing a real-world business scenario, defining assumptions and business rules, and producing logical and physical ER diagrams to model entities, relationships, and constraints. I developed detailed data dictionaries, enforced primary and foreign key relationships, and normalised the schema to ensure data integrity and consistency. I then implemented the database using SQL by creating tables, constraints, views, and query scripts, and executed complex queries to retrieve, aggregate, and validate business data. This included designing views for simplified access, writing reusable SQL scripts, and validating the design against functional requirements.
I developed a strong foundation in computer hardware, processor architecture, data representation, storage technologies, networking, and cloud computing concepts. My assignments involved analysing processor operation at an instruction level, including the fetch–decode–execute cycle, binary arithmetic, ALU operations, and CPU flag behaviour. I also evaluated modern processor performance techniques and compared them against simplified processor models. In addition, I conducted detailed hardware analysis of modern computing devices, assessing CPU architecture, memory hierarchy (RAM and cache), secondary storage technologies, and power–performance trade-offs, with a focus on mobile device design constraints. I further analysed networking and cloud computing scenarios, including IP addressing, routing, VPN functionality, and Infrastructure as a Service (IaaS) deployment decisions.
Developed strong technical communication and analytical skills through a series of applied networking and communication assignments. I analysed real network traffic using protocol analysis tools, examined core communication protocols such as TCP, HTTP, and DNS, and explained their behaviour using a layered networking approach. I also designed and evaluated small-to-medium enterprise network topologies, implementing subnetting, routing, VLANs, and DHCP in simulated environments. Across written reports and recorded presentations, I translated technical findings into clear, structured explanations suitable for both technical and non-technical audiences.
I analysed real-world and simulated cyber incidents to understand how security breaches occur, escalate, and impact organisations. I conducted in-depth case studies on major cyberattacks, examining attack vectors, timelines, threat actors, and indicators of compromise (IoCs), while mapping impacts against the CIA triad. I also evaluated organisational security postures by identifying technical and non-technical vulnerabilities and proposing practical, standards-aligned countermeasures. This included designing access control strategies, authentication mechanisms, secure network configurations, physical security controls, data disposal policies, and resilient backup and recovery strategies. Additionally, I communicated technical findings through formal reports and video presentations, tailored for both technical and non-technical audiences.
I worked as part of a consulting-style team to analyse real organisational problems and translate business needs into structured system requirements and models. I contributed to the end-to-end analysis of an information system for a sports association, producing a formal requirements specification that replaced manual processes with an online solution. My work involved eliciting and documenting functional and non-functional requirements, defining system scope and assumptions, and designing comprehensive UML models including use case diagrams, domain class diagrams, state machine diagrams, activity diagrams, sequence diagrams, and user interface layouts. I also completed an individual continuation of the project, refining system behaviour, data dictionaries, and interaction flows to ensure consistency, correctness, and traceability.
I developed strong foundations in programming logic, problem solving, and software design using Python. I designed and implemented multiple programs ranging from command-line applications to graphical user interfaces, applying structured programming principles such as functions, loops, conditionals, data structures, and file handling. My major project involved designing a complete Python application consisting of a CLI-based data management system and a GUI-based game, incorporating pseudocode-driven design, JSON-based persistent storage, input validation, and object-oriented principles. These assignments strengthened my ability to translate requirements into working software, design maintainable code, and follow best practices in program structure, usability, and documentation.
I produced full intelligence assessments on contemporary geopolitical and domestic security issues, applying structured analytic techniques to support decision-making under uncertainty. My work included a strategic assessment of Ukraine’s likely military focus following failed peace negotiations, evaluating military, diplomatic, economic, and informational factors to forecast objectives and risks over a defined time horizon. I also conducted a domestic extremism assessment examining the Australian Sovereign Citizen movement, analysing ideology, growth drivers, threat trajectories, and the likelihood of escalation following government firearm confiscation efforts. Across both reports, I evaluated source reliability, developed assumptions, identified intelligence gaps, and delivered clear, evidence-based judgments and recommendations tailored for senior decision-makers. These assignments strengthened my ability to transform complex, ambiguous information into actionable intelligence products.
Completed advanced counterintelligence assessments focused on intelligence deception, threat mitigation, and protection of sensitive organisational interests. Analysed historical intelligence operations to evaluate objectives, security controls, ethical considerations, and consequences of compromise. Designed and delivered a comprehensive Counter Intelligence Security Plan for a Defence-related infrastructure tender, identifying insider, foreign interference, cyber, physical, and reputational threats. Applied structured CI frameworks to develop proactive and reactive measures, integrating governance, personnel security, information security, cyber controls, and third-party risk management in alignment with Australian security standards.
A snapshot of my hands-on experience across DFIR, malware analysis, penetration testing, and security governance — backed by university investigations, lab work, and case-study reporting.
Disk image analysis (Autopsy / FTK Imager): 90%
Windows artefact & registry analysis: 85%
Evidence documentation (running sheets / timelines): 90%
Memory forensics (Volatility basics): 70%
Elastic Stack investigations (Kibana / Beats / KQL): 85%
Log correlation & intrusion reconstruction: 80%
Network traffic analysis (Wireshark): 85%
Framework mapping (MITRE ATT&CK / Kill Chain): 80%
Static analysis (Ghidra / PE tools): 80%
Dynamic analysis & sandbox triage: 75%
Linux analysis tooling (strace, objdump, radare2): 70%
Threat intel validation (VirusTotal): 80%
Recon & enumeration (Nmap, Gobuster, Nikto): 80%
Web testing workflow (Burp Suite): 70%
Password auditing (Hydra / John the Ripper): 75%
Security governance & standards (NIST / ISO / ISM): 75%
Python (data structures, file I/O, OOP): 75%
Bash scripting (automation & log parsing): 80%
Regex + CLI tooling (grep/sed/getopts): 80%
SQL (queries, constraints, normalisation): 70%
Tools used across labs, investigations, and reports.
Open to internships, projects, and collaborations. Email me or find me on LinkedIn & GitHub.
himanshusandhan07@gmail.com
© Himanshu. All rights reserved.