python_programming_/index1.html at main · machphy/python_programming_ · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
  <title>Rajeev Sharma | Security Engineer</title>

  <style>
    * { margin: 0; padding: 0; box-sizing: border-box; }

    body {
      font-family: "Segoe UI", Arial, sans-serif;
      background: #020617;
      color: #e5e7eb;
      line-height: 1.7;
    }

    header {
      padding: 30px 10%;
      border-bottom: 1px solid #1e293b;
      background: radial-gradient(circle at top, #020617, #000);
    }

    header h1 {
      color: #38bdf8;
      font-size: 32px;
    }

    header p {
      color: #94a3b8;
      margin-top: 6px;
      font-size: 15px;
    }

    section {
      padding: 45px 10%;
      border-bottom: 1px solid #1e293b;
    }

    h2 {
      color: #22d3ee;
      margin-bottom: 15px;
      font-size: 22px;
    }

    .badge {
      display: inline-block;
      background: #020617;
      border: 1px solid #1e293b;
      padding: 6px 10px;
      margin: 6px 6px 0 0;
      border-radius: 6px;
      font-size: 13px;
      color: #e5e7eb;
    }

    ul { margin-left: 18px; }
    li { margin-bottom: 8px; }

    .mono {
      font-family: Consolas, monospace;
      color: #a5f3fc;
      font-size: 14px;
    }

    footer {
      padding: 20px;
      text-align: center;
      font-size: 13px;
      color: #64748b;
      background: #020617;
    }

    a {
      color: #38bdf8;
      text-decoration: none;
    }
  </style>
</head>

<body>

<header>
  <h1>Rajeev Sharma</h1>
  <p>Security Engineer L1 </p>
  <p class="mono">detect · analyze · respond · secure</p>
</header>

<section>
  <h2>Professional Summary</h2>
  <p>
    Security Engineer L1 , Learning Security operations,  SIEM monitoring,
    incident triage, and cloud security controls. Also Learning identifying malicious
    activity, mapping attacks to MITRE ATT&CK, and supporting incident response
    workflows in production environments.
  </p>
</section>

<section>
  <h2>Core Security Skills</h2>
  <div>
    <span class="badge">SIEM (IBM QRadar)</span>
    <span class="badge">EDR Crowdstrike</span>
    <span class="badge">XSOAR</span>
    <span class="badge">Darktrace</span>
    <span class="badge">MITRE ATT&CK</span>
    <span class="badge">Log Analysis</span>
    <span class="badge">Cloud Security</span>
    <span class="badge">Linux Security</span>
    <span class="badge">Network Security</span>
  </div>
</section>

<section>
  <h2>Security Experience</h2>
  <ul>
    <li>
      <strong>Cyber Security Enginner L1 </strong> — Airtel Africa  (Airtel Digital)
    </li>
    <li>
      Monitored and analyzed SIEM alerts to detect suspicious and malicious activity.
    </li>
    <li>
      Performed incident triage, severity classification, and escalation.
    </li>
    <li>
      Worked with EDR/XDR tools to investigate endpoint threats.
    </li>
    <li>
      Assisted in cloud security monitoring and access control validation.
    </li>
  </ul>
</section>

<section>
<h2>Projects</h2>
<ul>
<li><strong>RCIMAT</strong> – AI-based real-time threat monitoring system</li>
<li><strong>Universal Evasion Framework</strong> – Ethical research on detection evasion</li>
<li><strong>C2 Infrastructure Security</strong> – Secure command & control design</li>
<li><strong>mad-proxy </strong> – mad-proxy transparently hijacks HTTP/HTTPS traffic, enforces granular domain-level block/allow logic via YAML, and logs every event for live threat analysis.</li>
</ul>
</section>
<section>
<h2>Security Research, CVEs & Publications</h2>
<ul>
<li>
<strong>CVE-2025-61767 – HTTPS Interception Policy Bypass</strong><br>
Discovered and responsibly disclosed a critical vulnerability in the <em>mad-proxy</em> open-source project allowing HTTPS policy bypass.
<ul>
<li>Identified desynchronization between TLS handshake/SNI validation and domain filtering logic.</li>
<li>Demonstrated how malicious HTTPS traffic could evade proxy security policies.</li>
<li>Developed and merged security patch (v0.4); recognized by GitHub Security Advisory and MITRE.</li>
</ul>
</li>
<li>
<strong>Accepted Conference Paper – CIST 2025</strong><br>
Paper accepted at <em>Conference on Innovations in Science & Technology (CIST-2025)</em>, ITM Gida, Gorakhpur.
<ul>
<li>Accepted after peer review by the CIST Technical Committee.</li>
<li>First author; research recognized for innovation in security and technology.</li>
<li>Conference Contact: itmgkp.cist@gmail.com</li>
</ul>
</li>
</ul>
</section>

<section>
  <h2>Contact & Profiles</h2>
  <p>Email: <a href="rajeevsharmamachphy@gmail.com">rajeevsharmamachphy@gmail.com</a></p>
  <p>LinkedIn: <a href="https://www.linkedin.com/in/rajeev-sharma-b0b10324b/" target="_blank">
    linkedin.com/in/rajeev-sharma-b0b10324b</a></p>
  <p>GitHub: <a href="https://github.com/machphy" target="_blank">
    github.com/machphy</a></p>
</section>

<footer>
  © 2025 Rajeev Sharma — Security
</footer>

</body>
</html>