Close

Vipul Ujawane

Curriculum Vitae CTF Profile

About Me

The best thing about a boolean is even if you are wrong, you are only off by a bit

Experience

TikTok

Security Engineer | Application/Product Security

Tech Stack : Git, iOS, Android, React, Go
- Performed Code reviews and Penetration Testing of product before release.

Google

Security Engineer | Platform Security

Tech Stack : Network Security ,Operating Systems, Large Language Models, JavaScript, Golang, Zero Trust, Beyondcorp
- Developed an experimental service to handle security operation tickets using Artificial Intelligence (LLMs).
- Performed security testing of the service to find vulnerabilities like Prompt Injection.
- Wrote a chrome extension to remote clear cookies and browsing data for all devices on Google fleet.
- Supported with operations regarding reviewing of 50+ high risk security exception tickets.

Google

Security Engineer Intern

Tech Stack : Network Security, Golang, SQL, Python, BASH, RANCID, Firewalls, gRPC, regex
- Security Engineer Intern in Enterprise Infrastructure Protection.
- Developed a tool to compare observed Network Traffic with installed Access Control Lists at scale.
- Participated in Bug resolution, Security operations and assessment of Network Access Policies.

Saptang Labs

Vulnerability Research Intern

Vulnerability Research Intern at Saptang Labs.
Tech Stack : Binary Exploitation, Web Application Security. Network Security
- Saptang Labs is a stealthmode Cybersecurity startup
- Developed multiple Proof-of-Concept exploits for vulnerabilities against certain products.
- POCs developed in the domain of Web Exploitation, Binary Exploitation and Network Security

National University of Singapore

Research Intern

Research Intern at NUS-Singtel CyberSecurity R&D Lab.
Tech Stack : Software Defined Networking, Denial of Sevice, OpenVSwitch, DPDK, C
- Principal Investigators : Dr. Dinil Mon Diwakaran (Trustwave), Dr. Min Suk Kang (School of Computing, NUS)
- Researched a feasibility study of Tuple Space Explosion Attack for Kernel and Userspace (DPDK) Drivers of OvS.
- Performed Source Code Review to gain insight into the inner workings of OvS for further development of the attack.
- Developed a novel Attack Scenario for mitigations provided to prevent Tuple Space Explosion
- Work documented in a paper presented at OpenVSwitch Fall 2020 Conference | Arxiv Paper

GE Digital

Digital Technology Intern

Summer Intern at GE Digital for GE Power.
Tech Stack : Amazon Web Services, Lambda, S3, Flask, Docker, Predix Edge
- Developed a cloud based Software Prototype for Streaming video for Video Analytics.
- Builta Data Producer to capture RTSP Streaming data for Edge Devices
- Developed a Client Application, to automate edge camera triggering, processing and display data.

Education

Georgia Institute of Technology

August 2021 - 2023*

M.S. Cybersecurity (Information Security Track)

GPA : 4.0/4.0*

Relevant Courses

  • Advanced Malware Analysis
  • Introduction to Malware Reverse Engineering
  • Network Security
  • Secure Computer Systems
  • Applied Cryptography
  • Introduction to Information Security
  • Information Security Policies

Indian Institute of Technology, Kharagpur

July 2016 - June 2021

Dual Degree in Engineering Design (Industrial Electronics) with a Minor in Comptuer Science & Engineering

CGPA : 8.64/10.00

Relevant Courses

  • Design and Analysis of Algorithms^
  • Software Engineering^
  • Computational Foundations of CyberPhysical Systems
  • Computer Networks^
  • Information Retrieval
  • Embedded Systems^
  • Foundations of Machine Learning^

Projects

Gru

A series of Proof-of-Concept Exploits written to access data from ERP, IIT Kharagpur. Bugs disclosed responsibly.

View Project

ACID : Autonomous Code Injection Detection

Developed a new Natural Language Processing based paradigm to detect Code Injection attack attempts.
Classification Model peaked at 97.5% accuracy with the ability to detect XSS, SQLi and CMDi.

Bus Off Attack

Exploit for a CAN Bus, to avail scenarios such as Denial of Service and Frame Spoofing
Reference : "Error Handling of In-vehicle Networks Makes Them Vulnerable"

View Project

PING

PING : Professor Information Gatherer. A Google Scholar Based, Information Retrieval System to gather Professor Information and Ranking based on Jaccard Similarity. Written in Python.

View Project

Acad-Search

A central repository built to store Question Papers, Notes, Slides, PDFs, etc. Backend developed in Django.

View Project

Campus Security System

Term project for Software Engineering. Guided by Prof. Sudip Misra , Department of Computer Science and Engineering, IIT Kharagpur.
Created a Server and Client Based Application for the ease and use of Security Guards and their Managers. Developed the code using the Waterfall Lifecycle Model. Developed UML Diagrams. Coded using Java.

View Project

Skills

Get in Touch