// Projects
AegisScan
AegisScan is a web-based vulnerability scanner built using Python and Flask designed to analyze web applications for security issues. It implements a comprehensive reconnaissance engine that performs DNS lookup, WHOIS queries, subdomain enumeration, and directory discovery.
The tool integrates port scanning capabilities and API endpoint analysis, along with checking security headers for misconfigurations. Core vulnerability detection includes Cross-Site Scripting (XSS) and SQL Injection scanning with an interactive dashboard that visualizes scan results for security professionals.
SentinelShield
SentinelShield is a lightweight Web Application Firewall (WAF) and Intrusion Detection System built in Flask that inspects HTTP requests in real time. It detects SQL injection, XSS, directory traversal, and command injection attacks via signature-based rule matching.
The system enforces per-IP rate limiting with temporary and permanent ban escalation based on threat level. A live threat dashboard visualizes incoming threats and blocked requests. Also includes a one-click "Attack Console" for demonstrating detections and an automated accuracy test harness with precision/recall/false-positive analysis.
CA Management System
A full-stack web application built for managing client data and workflows at a CA (Chartered Accountant) firm, using Python, Flask, and PostgreSQL. Designed and implemented REST APIs for handling client records and data operations with full CRUD functionality.
Features secure authentication, role-based access controls, and data validation. The database was initially built in SQLite and migrated to PostgreSQL for production readiness. The application was containerized with Docker and deployed to cloud platforms for scalability and performance.
Password Cracking & Credential Attack Suite
An ethical password security toolkit with a live interactive Streamlit dashboard. It performs real crypt-hash cracking against Linux shadow files ($1/$5/$6$) and Windows NTLM hashes.
Includes a NIST SP 800-63B compliance engine with breach corpus validation, entropy analysis, and pattern checks. Features a live hardware benchmark measuring actual hashes/second at runtime. Visual analytics include entropy histograms, severity pie charts, and risk rankings. Comes with 38 automated pytest tests for reliability assurance.
Doctor Appointment System
A web-based application for managing doctor appointments and patient workflows built with Flask, HTML, CSS, and JavaScript. Provides a complete system for booking appointments, managing patient data, and handling prescriptions.
Features responsive frontend interfaces integrated with backend APIs, secure authentication mechanisms, and proper data validation throughout. Special attention was paid to handling sensitive healthcare data with secure coding practices.