SANKETH SUBHAS

Python tool that parses Apache and Windows auth logs, detects threats like brute force attacks, port scans, and SQLi attempts, and maps them to MITRE ATT&CK techniques with severity-rated reports.

Cross-platform Python tool that audits Linux and macOS systems against CIS Benchmark controls — 36 checks across account policy, SSH hardening, file permissions, network security, and logging. Auto-detects OS and generates scored compliance reports with remediation guidance.

Python tool that analyzes .eml email files for phishing indicators — validates SPF/DKIM/DMARC, detects From/Reply-To mismatches, URL shorteners, suspicious TLDs, and credential requests. Scores risk 0–100 with color-coded verdict and remediation guidance.

Multithreaded Python network scanner that identifies open ports, maps services to a built-in vulnerability database, and generates MITRE ATT&CK aligned risk reports. Supports single hosts and CIDR network ranges with JSON export for SIEM integration.

Threat intelligence tool that maps attack indicators, log events, and IOCs to MITRE ATT&CK tactics and techniques. Visualizes kill chain coverage across all 14 tactics with 35+ techniques, severity scoring, and built-in ransomware, APT, and web attack scenarios.

Lightweight honeypot simulating SSH, HTTP, and FTP services to capture attacker activity. Logs credentials attempted, detects brute force and port scanning, maps all events to MITRE ATT&CK, and generates attacker intelligence reports with IP profiling.

Engineered a secure CI/CD pipeline using Jenkins and Grype for automated container vulnerability scanning. Architected AWS infrastructure (EC2, S3, IAM) with real-time CloudWatch monitoring.

Identified exposed assets and attack vectors using Shodan and Maltego. Analyzed datasets to produce actionable threat intelligence reports.

Evaluated root causes of high-profile breaches and delivered a formal remediation strategy to faculty and (ISC)² industry experts, receiving top honors for technical depth.