DevSecOpsAPI SecurityCTFKernel Systems

TryHackMe Legend 0xD / Top 2 percent globally

Abdul Wahid Khan

I break systems to understand them. Then I harden them so others cannot.

DevSecOps engineer and M.Sc. Cyber Security student at NFSU, specializing in penetration testing, API security, cloud-native defense, CTFs, and open-source kernel work.

View dossiers Open channel

TryHackMe

Top 2%

LEGEND 0xD, 108 rooms, 16 badges

GitHub

78 repos

98 followers, 236 starred repos

NFSU

Rank #1

B.Sc. IT, 9.3 CGPA, SGPA 9.8

CloudWatch

15 GB/wk

Security reviews at Lixta Networks

Production security

Experience Console

Jan 2025 - Present

System Administrator / DevSecOps Engineer

Lixta Networks, Bhiwandi, Mumbai

Production security work across cloud logs, Kubernetes deployments, CI/CD controls, Cisco XDR integrations, observability, and automated server provisioning.

Cloud

AWS, Azure

Infra

Kubernetes, Docker

Detection

Cisco XDR, Prometheus

Automation

Ansible, CI/CD

lixta-ops-console

$ review.cloudwatch --weekly

Reviewed 15 GB of AWS CloudWatch logs and resolved firewall, user activity, and IAM anomalies.

$ deploy.k8s --secure

Managed Kubernetes and Docker deployments with GitHub Actions and GitLab CI/CD security checks.

$ integrate.xdr --aws --azure

Onboarded AWS and Azure into Cisco XDR for unified detection and incident response.

$ provision.ansible --aws

Automated server provisioning and supported EKS, EC2, S3, and IAM access control policies.

Selected operations

Project Dossiers

Security Tooling

active control plane

Sentry Supply Chain Security

Runtime dependency threat detection

A three-part platform for watching developer machines, discovering vulnerable packages, and enforcing CVE-aware policy through a cloud brain, local agent, and runtime hooks.

Node.jsExpressWebSocketsOSV APIpip/npm/cargo

Cloud Brain ingests vulnerability intelligence and computes dashboard state.

System Agent exports inventory, heartbeats, and machine status without app imports.

Runtime hook adds PID-aware telemetry for Node applications.

Network Forensics

96 commits, public repo

untor-tor

Tor flow reconstruction and correlation

A Tor traffic analysis platform that extracts flows from PCAP or live captures, correlates timing with relay metadata, and ranks candidate circuit behavior for forensic review.

PythonFastAPIReactPCAPStemML

PCAP ingestion with feature extraction and Tor-ish flow detection.

Background relay metadata refresh through Tor consensus and Onionoo data.

UI pages for flows, analysis results, and network view.

Governance AI

policy analyst dashboard

civic-sentinel

Aadhaar anomaly detection

A governance analytics system that detects irregularities in anonymised Aadhaar datasets using rolling baselines, statistical outlier detection, and stability scoring.

Pythonscikit-learnStreamlitPandasIsolation Forest

Z-score, Isolation Forest, and LOF anomaly layers.

0-100 district stability score for operational volatility.

Dashboard surfaces clusters, flagged records, and governance risk.

Kernel Systems

43 stars, 35 forks

Nova-Kernels

Android kernel maintenance

Founded and maintain Nova-Kernels for Xiaomi MT6785 devices targeting Android 15, with work across root integration, scheduler tuning, memory fixes, I/O optimization, and battery behavior.

CLinux KernelAOSPKernelSUMT6785

KernelSU integration and device-specific kernel hardening.

CPU scheduler and memory management tuning.

Long-term public maintenance in a specialized systems niche.

Hackathon Systems

Indian Army Terrier Cyber Quest

Rakshak

Threat detection using AI and quantum concepts

A lightweight, extensible security and monitoring toolkit combining AI and quantum-computing ideas for early ransomware and malware detection.

Quantum MLSecurity MonitoringMalware DetectionPython

Built for the Indian Army Terrier Cyber Quest 2025 theme.

Focused on early detection for ransomware and malware patterns.

Ranked top 65 among 6600 participants according to resume proof points.

Hackathon Systems

Delhi Police National Hackathon winner

TARA

Real-time risk scoring

The Armour that Renders Assurance, an Android app that uses predictive analytics and live camera feed analysis to assess and alert on women's safety risks in real time.

AndroidPredictive AnalyticsCamera Feed AnalysisSafety Tech

Built for CyberPeace Foundation and Delhi Police National Hackathon 2024.

Combined safety analytics with real-time mobile context.

Winner-level proof of applied security thinking beyond dashboards.

CTF and proof

Arena Timeline

Competitive security, not resume decoration.

The portfolio should feel like a scoreboard because the work is validated in public: TryHackMe, national hackathons, CTFs, open-source mentoring, and kernel maintenance.

TryHackMe

GURU [0xC], top 2 percent

Rooms

108 completed, 16 badges

CTF lanes

pwn, crypto, RE, binary exploitation, web, forensics

2024

Delhi Police National Hackathon 2024

Winner with TARA, a predictive safety analytics Android system.

2025

Indian Army Terrier Cyber Quest 2025

Top 65 out of 6600 participants with Rakshak for quantum ML threat detection.

2025

NFSU Internal College Hackathon

Built applied security and analytics work in a competitive NFSU setting.

Mar 2025

BreachPoint CTF

CTF competitor across pwn, crypto, reverse engineering, web, and forensics.

Sep 2025

NFSU Inter-Campus CTF

Top 10 placement in inter-campus capture-the-flag competition.

Sep 2025

RedTeam Chennai CTF

4th place finish in RedTeam Chennai CTF.

Open source and research

Work That Leaves Artifacts

Nova-Kernels

Kernel maintainer

Founded Nova-Kernels and maintain custom Android Linux kernels for Xiaomi MT6785, including KernelSU integration, CPU scheduler tuning, memory fixes, I/O optimizations, and battery improvements.

Open proof

GSSoC Extended 2024

Open-source mentor

Ranked 6th in the top 50 mentors nationally and reviewed or merged 25+ contributor pull requests across multiple repositories.

Open proof

ICAIDS 2026

Accepted research

Accepted abstract on ConvLSTM intrusion detection with blockchain-backed data integrity for FANETs, reporting 82.6% detection accuracy and 99.5% collision avoidance in ROS-based simulations.

Open proof

Capability matrix

Skills Built for Security Work

Offensive Security

Web, API, network, IoT, reporting, and exploit-driven validation.

OWASP API Top 10Web app pentestingNetwork pentestingIoT securitySocial engineeringBurp SuiteMetasploitNmapKali LinuxWebSploit

Academic signal

Education and Certifications

National Forensic Sciences University, expected 2027

M.Sc. Cyber Security

Focused on application security, cloud security, network defense, digital forensics, risk management, DevSecOps, and secure deployment architecture.

University of Mumbai, 2025

B.Sc. IT

9.3 CGPA, SGPA 9.8, rank #1. Technical Head for inter-collegiate Tech-Fest and builder of a secure Python LAN event management platform.

Cisco and APIsec University, May 2026

Security certifications

Hands-on labs across Kali Linux, WebSploit, scoping, vulnerability assessment, reporting, API risk, threats, compliance, and OWASP API Top 10.

IIT Kharagpur Winter of Code and GirlScript

Mentorship

Mentored contributors from Nov 2024 to Feb 2025 and Sep 2024 to Jan 2025, with a strong open-source review and collaboration record.

Open secure channel

Bring me into the incident room before it becomes a postmortem.

Available for DevSecOps, API security, cloud defense, penetration testing, security tooling, and research-led engineering conversations.

Email Call Resume

GitHub LinkedIn TryHackMe wahid7852.tech