// ACCESS GRANTED

UJWAL GATTU

I hunt vulnerabilities by day. I train models to catch them at night.

Most people pick a lane — security or AI.
I refused to. My tools sniff packets and think for themselves. My exploits are shaped by the same math that powers machine learning.

CRTA certified. Flags captured. Shells popped. Bugs reported.
Currently obsessed with one question: what happens when the attacker is the model?

See My Work Read Write-ups GitHub ↗

OPEN TO INTERNSHIPS & COLLABS

01.

ABOUT

Final-year ECE student at RGUKT who took a deliberate detour into offensive security and never looked back. What started as curiosity about how systems break evolved into a full-stack obsession — pentesting, CTFs, reverse engineering, and a nagging question: what if the attacker had a brain of its own?

That question led me to build ML-powered security tooling from scratch. Not for the resume line — because I genuinely believe the next wave of threats will be automated, adaptive, and fast, and the defenders who survive will be the ones who built for that reality early.

Between internship shifts I'm grinding HTB machines, reading CVE advisories like morning news, and winning the occasional CTF. The terminal stays open.

> Code written in

PythonC++Bash

> Breaking things with

Burp Suite ProNessus NmapWiresharkBloodHound

> Models built with

TensorFlowPyTorch Scikit-learnScapy

> Infrastructure on

Linux / WSLAWS GitMySQL

$ whoami

→ ujwal_gattu

$ cat identity.txt

→ Red teamer who codes his own tools

→ Offense as a path to better defense

→ Thinks equally in packets and tensors

→ CGPA 8.0 — but root shells taught more

$ ./metrics.sh

→ IPs owned during internship : 20+

→ IDS throughput : 10k pkt/min

→ Anomaly detection AUC : 98.5%

→ Sleep lost to CTFs : undefined

$ cat status.log

→ AVAILABLE — hire me before someone else does

02.

EXPERIENCE

CYBERSECURITY INTERN

SURETRUST — NGO developing the next generation of security talent

DEC 2024 — JUL 2025

Inherited a scope of 20+ live IPs and a mandate to find what was wrong with them. Found plenty — misconfigured services, unpatched daemons, exposed admin panels. Documented every finding with severity ratings and filed structured reports.
Went beyond scanning: validated vulnerabilities by exploiting them to demonstrate real impact, then wrote concise remediation guides that engineers could action immediately — not wall-of-text CVE dumps.
Authored recon automation scripts that reduced manual reconnaissance time substantially, freeing cycles for deeper offensive testing on high-value targets.
Contributed to internal research and peer knowledge-sharing sessions, helping newer interns ramp up on methodology and tooling faster.

03.

PROJECTS

// 001

NETWORK IDS — ML EDITION

Signature-based IDS tools are blind to anything they haven't seen before. This one isn't. It captures raw packets live off the wire using Scapy, extracts statistical features in real time, and pushes them through a PCA + Isolation Forest pipeline that surfaces anomalies without needing a static rulebook. Built from scratch. Actually works at scale.

10,000+pkt/min

98.5%AUC

96%precision

PythonScapy Scikit-learnPCA Isolation Forest

[ View on GitHub ]

// 002

PII HUNTER — SMART INDIA HACKATHON

A tool for surfacing sensitive personal data embedded in freeform text — names, phone numbers, emails, physical addresses. Built for Smart India Hackathon, it pairs regex pattern engines with NLP entity recognition so it catches what rules alone would miss. No pre-labelled training data required. Ships cold and works immediately.

SIHHackathon Build

Zeropre-labelled data

PythonNLP spaCyRegex Rule engine

[ View on GitHub ]

04.

WRITE-UPS

📡

// Published on

https://phantomhacker-alpha.vercel.app/

2026.02.23

HTB Season 10 — Interpreter

Exploiting CVE-2023-43208 (XStream RCE) on Mirth Connect 4.4.0, extracting SQL credentials, cracking PBKDF2 hashes with Hashcat, and escalating privileges via SSTI using hex-encoded payloads.

CVE-2023-43208 XStream Deserialization SSTI RCE Hashcat MySQL

RCE

SSTI

READ →

VIEW ALL WRITE-UPS ↗

05.

CERTIFICATIONS

FEATURED

🔴

// Professional Certification

CERTIFIED RED TEAM ANALYST

CRTA — Altered Security

ACTIVE CERTIFICATION

06.

CONTACT

Got a box that needs breaking? A team that needs someone at the intersection of offensive security and machine learning? A CTF you want to run the table on together?

I'm actively seeking internships and full-time roles where I can do genuine red team work — not just tick compliance checkboxes. If that sounds like your organization, let's talk.

✉

Email

gattuujwal037@gmail.com

in

linkedin.com/in/gattu-ujwal

⌥

GitHub

github.com/UJWAL-GATTU

☎

Phone

+91 7013395448

// Your Handle

// Subject

// Message

TRANSMIT MESSAGE