Skip to content

chaitanyagarware/chaitanyagarware

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 

Repository files navigation

Typing SVG

MS Cybersecurity · Security Engineering · Cloud Security · AI Security

LinkedIn Portfolio TryHackMe arXiv


🧠 About Me

I'm a cybersecurity engineer focused on detection engineering, cloud security, SOC automation, and AI-powered security tooling. I build things that actually work at 3 AM — automated pipelines, vulnerability research tools, and LLM-based threat classifiers.

  • 🎓 MS Cybersecurity — University of Alabama at Birmingham (4.0 GPA, May 2026)
  • 🏆 1st Place — Southeast Cybersecurity Summit 2026 CTF (6,150 pts · 27/29 challenges · Skillbit Coin #032)
  • 🔬 4× Security Advisory Credits — Published CVE researcher, responsible disclosure
  • 📄 2 arXiv papers — AI security & SOC evaluation (OCJ submission)
  • ☁️ Former intern at Palo Alto Networks & AWS
  • 🥇 Top 1% globally on TryHackMe

🛡️ Security Advisory Credits

Responsible disclosure on open-source projects — vulnerabilities discovered, reported, and credited.

No. Advisory Project Impact CVE Status
1 GHSA-xw9q-2mv6-9fr8 fedify-dev/fedify Incomplete SSRF mitigation allowed special-use IPv4 ranges to bypass validation controls CVE-2026-50131 Published
2 GHSA-fg23-3346-88f5 langroid/langroid Path traversal in file tools allowed read/write outside the configured working directory CVE-2026-50181 Published
3 GHSA-qv97-83w4-ff86 vmDeshpande/ai-agent-automation Missing ownership checks allowed cross-user memory read and deletion through in-memory APIs CVE-2026-54519 Published
4 GHSA-cm8g-8jfq-887p vmDeshpande/ai-agent-automation Workflow file step path traversal allowed read/write outside the expected directory CVE-2026-54520 Published
5 GHSA-cvpc-hccg-wmw4 verbb/formie Missing authorization in administrative settings allowed low-privileged Control Panel users to modify plugin configuration Published
6 GHSA-5p3m-vhh6-9236 eidetic-labs/stigmem Blind SSRF via unvalidated webhook subscription delivery address Published
7 GHSA-cwv4-h3j5-w3cf plabayo/rama Stored XSS in ServeDir HTML directory listing through unescaped file names and URI paths Published

Security Advisories Responsible Disclosure

Featured advisory repositories

CVE Landing repo Primary advisory
CVE-2026-50131 CVE-2026-50131 GHSA-xw9q-2mv6-9fr8
CVE-2026-50181 CVE-2026-50181 GHSA-fg23-3346-88f5
CVE-2026-54519 CVE-2026-54519 GHSA-qv97-83w4-ff86
CVE-2026-54520 CVE-2026-54520 GHSA-cm8g-8jfq-887p

Direct research links


🏅 Certifications

CompTIA Security+ Certified SOC Analyst ISO 27001


⭐ Featured Projects

🤖 OpenSOC-AI

TinyLlama-1.1B fine-tuned with LoRA/QLoRA for MITRE ATT&CK-based SOC alert classification

Repo arXiv Demo Python HuggingFace

Metric Value
F1 Score 0.68
Improvement over baseline +68 points
Deployment Cloudflare Worker + GitHub Pages
Paper arXiv:2604.26217 · OCJ-03-2026-0015

☁️ AWS Cloud Security Scanner

Local-first AWS security analysis — IAM risk, CloudTrail activity, GuardDuty findings, Access Analyzer

Repo Python AWS GuardDuty


🔍 CVE Hunter Pipeline

Automated vulnerability discovery — OSV dedup, PoC scaffold generation, overnight orchestration (v34)

Repo Python CVE Disclosure

Discovered and responsibly disclosed vulnerabilities in fedify-dev/fedify (SSRF bypass), langroid/langroid (path traversal), and vmDeshpande/ai-agent-automation (2× ownership + path traversal). 4 published GitHub Security Advisory credits.


🔐 Quantum-Safe Password Manager

AES-GCM + PBKDF2 browser-based password manager — GitHub Pages hosted

Repo Live AES-GCM


📄 Research Publications

# Paper Venue Link
1 OpenSOC-AI: LLM-based SOC Alert Triage & Classification arXiv · OCJ arXiv
2 When the Ruler Is Broken: Parsing-Induced Suppression in LLM SOC Evaluation arXiv · OCJ arXiv

Both submitted to Organizational Cybersecurity Journal · Manuscript ID: OCJ-03-2026-0015


🛠️ Tech Stack

🔴 Security

SIEM GuardDuty IAM Palo Alto MITRE BurpSuite

💻 Languages & Tools

Python Bash TypeScript Docker Linux Git

🤖 AI / ML

PyTorch HuggingFace LoRA Cloudflare


📊 GitHub Analytics


🏆 GitHub Trophies


🐍 Contribution Snake

GitHub Contribution Snake


🎯 Current Focus

chaitanya = {
    "role":          "Security Engineer (actively looking 🔍)",
    "location":      "Birmingham, Alabama 🇺🇸",
    "origin":        "Rahimatpur, India 🇮🇳",
    "focus":         ["Cloud Security", "SOC Automation", "AI Security", "CVE Research"],
    "recent_wins":   [
        "🏆 1st Place CTF — SE Cybersecurity Summit 2026 (6150pts, Coin #032)",
        "📄 2 arXiv papers published (AI Security + SOC Evaluation)",
        "🛡️ 4 GitHub Security Advisory Credits (responsible disclosure)",
        "🤖 OpenSOC-AI deployed — TinyLlama fine-tuned for MITRE ATT&CK"
    ],
    "open_to":       "Security Engineering · Cloud Security · AI Security · SOC Automation"
}

╔══════════════════════════════════════════════════════════════╗
║       🛡️ Securing systems · 🔬 Researching vulnerabilities  ║
║              github.com/chaitanyagarware                     ║
║          ⭐ Star if you find something useful!               ║
╚══════════════════════════════════════════════════════════════╝

Last Updated: June 2026 | Open to Security Engineering roles 🚀

About

No description, website, or topics provided.

Resources

Stars

1 star

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors