Skip to content
View pankhuriVarshney's full-sized avatar

Block or report pankhuriVarshney

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
pankhuriVarshney/README.md

Typing SVG



Status


Portfolio LinkedIn HackTheBox Email


eJPT CPTS eWPT IEEE


whoami

class PankhuriVarshney:
    role        = "Red Team Intern & Security Engineer @ Deepcytes Cyber Labs (UK)"
    education   = "B.Tech CSE @ Symbiosis Institute of Technology, Pune | GPA: 8.97"
    focus       = ["Red Team Operations", "Deception Technology", "Penetration Testing",
                   "Malware Analysis", "Bug Bounty", "DevSecOps"]
    building    = "MAYA β€” Autonomous Deception Platform (live demo available)"
    researching = "Post-Quantum Cryptography, Adversary TTP Mapping, AI-driven Threat Detection"
    published   = "IEEE ADICS 2024 β€” Quantum Computing Odyssey"
    ctf_rank    = "3rd @ IIT Jammu National | 6th @ CTF7 National Identity Shield 2026"
    superpower  = "I don't just find vulnerabilities β€” I make attackers reveal themselves."

I build offensive tools by day, deception systems by night, and publish research in between. Currently engineering MAYA β€” a full deception platform with fake asset orchestration, lateral movement detection, real-time TTP mapping, and adversary profiling. Think honeypot, but the honeypot fights back.


πŸš€ Flagship Project β€” MAYA Deception Technology

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚              MAYA DECEPTION PLATFORM                    β”‚
β”‚                                                         β”‚
β”‚  Fake Assets ──► Attacker Entry ──► TTP Mapping        β”‚
β”‚       β”‚                β”‚                  β”‚             β”‚
β”‚  Decoy Infra      Fingerprinting    Adversary Profile   β”‚
β”‚       β”‚                β”‚                  β”‚             β”‚
β”‚  Lateral Move     Alerting Engine    SIEM Integration   β”‚
β”‚  Detection              β”‚                  β”‚             β”‚
β”‚                   Live Demo β—„β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜            β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

MAYA Repo Live Demo

MAYA is an autonomous deception technology platform built to make attackers reveal their TTPs before they reach real infrastructure.

  • 🎯 Fake asset orchestration β€” Dynamic decoy services, credentials, and endpoints that look indistinguishable from production
  • πŸ” Lateral movement detection β€” Catches attackers pivoting through the environment in real time
  • 🧬 Adversary profiling β€” Builds a behavioral fingerprint of every attacker who interacts with the system
  • πŸ“‘ SIEM pipeline integration β€” Feeds structured threat intel directly into Splunk/ELK
  • πŸ€– State-synchronized β€” Decoys adapt dynamically based on attacker behavior

Think of it as giving your SOC a window into the attacker's mind β€” before they've touched anything real.


πŸ› οΈ Projects

Project Category Stack Highlights
MAYA Deception Tech Python, ELK, Splunk Live demo β€’ Full TTP mapping β€’ SIEM integration
TraceProbe OSINT / Forensics Kafka, Python, Elasticsearch, Kibana IPDR log mapper β€’ Geo-IP visualization β€’ Threat indicators
Red Team Toolkit Offensive Tools Python, Bash Multi-platform payloads β€’ Priv-esc scripts β€’ Auto-reporting
Exploits Database Vulnerability Intel Python CVE repo β€’ PoC integration β€’ Severity scoring across Web/IoT/SCADA
Malware Detection System AI Security Python, LLaMA 3 Static + dynamic analysis β€’ Sandboxing β€’ Syscall tracing
Fraud Detection System AI Security Transformers, Zero Trust Real-time transaction monitoring β€’ MFA β€’ Least-privilege enforcement
πŸ“‚ More Repositories (40+)
β”œβ”€β”€ vision-based-inventory-system/    # Computer vision + IoT
β”œβ”€β”€ blockchain-security-tools/        # Solidity audit helpers  
β”œβ”€β”€ quantum-crypto-research/          # IEEE ADICS 2024 artifacts
β”œβ”€β”€ osint-automation/                 # OSINT & dark web intelligence tools
β”œβ”€β”€ CTF-Writeups/                     # Step-by-step exploitation chains
└── 30+ more...

πŸ† CTF & Competition Record

"I'm the one who knocks." β€” Walter White

Year Competition Result Level
2026 Identity Shield CTF β€” CTF7 πŸ† 6th Place National
2025 Operation Cipher Shadows CTF β€” IIT Jammu πŸ₯‰ 3rd Place National
2025 NPIIPC-AICTE Pentathon (CyberShield) βš”οΈ Top 500 / 3500 National
2023 Digital Forensics Hackathon β€” Cyber Secure India πŸ₯ˆ 2nd Place National
2023 Blockchain Hackathon β€” India Blockchain Alliance πŸ₯ˆ 2nd Place National

πŸ“ CTF Writeups β†’ β€” Full exploitation chains: initial access β†’ lateral movement β†’ privilege escalation. Every write-up includes methodology, tooling, and lessons learned.


πŸ“„ Research & Publications

@inproceedings{varshney2024quantum,
  title     = {Quantum Computing Odyssey: Teleporting to the Realm of Unparalleled Possibilities},
  author    = {Varshney, Pankhuri and others},
  booktitle = {IEEE ADICS 2024 β€” International Conference on Advances in Data Engineering},
  year      = {2024},
  doi       = {10.1109/ADICS58448.2024.10533597}
}

Focus areas: Post-quantum cryptographic vulnerabilities Β· Shor's algorithm impact on RSA/ECC Β· Lattice-based cryptography implications

Read Paper


βš”οΈ Skills & Arsenal

Offensive Security

Penetration Testing Red Team Ops VAPT Exploit Dev Reverse Engineering Bug Bounty

Defensive & Intel

Digital Forensics Malware Analysis Threat Intel OSINT Deception Tech Honeynet Engineering

Tools

Burp Suite Metasploit Nmap Wireshark Ghidra Splunk Nessus Nuclei OpenVAS Autopsy FTKImager Nikto

Languages

Python Rust Bash C/C++ Go Java JavaScript Solidity


πŸ“Š GitHub Stats


πŸ“œ Certifications

[βœ…] eJPT      β€” eLearnSecurity Junior Penetration Tester (INE Security)
[πŸ”„] CPTS      β€” Certified Penetration Testing Specialist (HackTheBox) β€” In Progress
[πŸ”„] eWPT      β€” eLearnSecurity Web Penetration Tester (INE Security) β€” In Progress
[βœ…] Cisco     β€” Introduction to Cybersecurity (Networking Academy)
[βœ…] Cisco     β€” Introduction to Networking (Networking Academy)

πŸŽ“ Achievements & Recognition

[πŸ₯‡] Merit Scholarship β€” 1st Rank in CSE Department, SIT Pune (2023–2024)
[🏫] Best Student of Class 12 (2023)
[πŸ“„] IEEE Research Publication β€” ADICS 2024
[πŸ”΄] Red Team Intern @ Deepcytes Cyber Labs (UK) β€” Deepcytes selected for high-impact work
[πŸ•΅οΈ] CTF writeups contributed to community knowledge base

πŸ“‘ Let's Connect

Open to Red Team, Penetration Testing, Security Engineering & Bug Bounty opportunities. Currently in Pune, India. Remote-friendly.


Portfolio Email LinkedIn HackTheBox HackerRank



Pinned Loading

  1. Maya_Deception_Tech Maya_Deception_Tech Public

    Autonomous Decoy Networks for Adversarial Behavior Analysis

    TypeScript 1 2

  2. malware-detection-software malware-detection-software Public

    Java 3

  3. NCBA NCBA Public

    Non-Person Entity Certificate Behavior Analysis Framework

    TypeScript 2

  4. karandesai2005/TraceProbe karandesai2005/TraceProbe Public

    This project is a real-time data pipeline designed to ingest, process, and analyze massive volumes of IPDR (Internet Protocol Detail Record) logs. It helps law enforcement investigators identify an…

    Python 1 4

  5. Reeti05Agarwal/NexGaurd Reeti05Agarwal/NexGaurd Public

    Designed a secure, AI-based system for real-time fraud detection and behavior analysis. Utilized knowledge distillation, time-series RNNs, and explainability tools (LIME) to ensure efficient and tr…

    HTML 1

  6. customer-behavior-and-fraud-detection customer-behavior-and-fraud-detection Public

    HTML