3rd-year B.Tech Computer Science student at BRCM CET focused on offensive security research, malware and botnet analysis, and low-level / systems programming in C, C++, Assembly, and Python. GSoC 2026 contributor at the Metasploit Framework (Rapid7) building inline tracing presenters for Kerberos tickets and X.509 certificates. Hands-on experience across Active Directory Certificate Services (AD CS), ESC attack-path research, PKINIT, LDAP Schannel, and reverse-engineering tooling, with a defensive emphasis on detecting stealthy, low-and-slow command-and-control (C2) traffic. Authored 5 upstream pull requests (2 merged, 1 in review, ~1,200 lines of Ruby merged) validated end to end against live infrastructure.
Education
B.Tech, Computer Science & Engineering
3rd year (Current) · Expected 2028
BRCM College of Engineering & Technology, Bahal, Haryana
Coursework and self-directed study in systems programming, networks, operating systems, and applied cryptography.
AlgoUniversity Tech Fellowship 2025
Selected
Selected via national coding challenge for a competitive mentorship/scholarship program, with mentorship from senior engineers at Google, Apple, and Microsoft, and ICPC World Finalists.
RSCIT Computer Diploma
Completed
Rajasthan State Certificate in IT · Government of Rajasthan
Experience & Open Source
GSoC 2026 Contributor - Metasploit Framework (Rapid7)
May 2026 - Present (175 hrs)
Mentors: @jheysel-r7 (primary), @zeroSteiner (co-mentor)
- Designed and merged CertificateTracePresenter, a new X.509 certificate and CSR tracing subsystem following Metasploit's Presenter architecture, with full RSpec coverage.
- Extended certificate tracing to LDAP Schannel authentication, surfacing certificate material during certificate-based binds.
- Restored and wired CSR tracing into the AD CS / MS-ICPR enrollment flow, decoding requested certificate templates, SANs, and EKU OIDs from live CSRs.
- Prototyped centralized Kerberos ticket tracing with metadata/full verbosity modes and module integration, informing the current presenter design.
- Validated every feature end to end against a live Windows Server 2022 + AD CS lab, including ESC1-style enrollment and on-behalf-of CMS paths.
Mirai Source Code - IoT Botnet Research Mirror
C / C++ / Go / Shell
Maintained mirror of the Mirai botnet source code preserved strictly for educational, research, and cybersecurity-analysis purposes. Used to study how large-scale IoT malware operates at a technical level: infection vectors, C2 protocols, scanning routines, and load distribution.
PR: #46 - Improved README.md with research and usage guidelines (+154, merged).
Open-Source Contributor - BlackArch Linux
Active
Working with the BlackArch penetration-testing distribution: package work, tool packaging, and offensive-security tooling research in a controlled environment.
PR: #4645 - Polished README structure and style as per feedback (+137, merged).
Featured Projects
PyScanner - Network Security Scanner
Python / C++
v10 with ~47 features. Includes a full C++ port with zero-copy kernel TX and a stateless HMAC ISN architecture. Roughly 37% Nmap feature parity with genuine advantages in batch transmission, offline CVE lookup, and the stateless ISN design.
Contactsd - Encrypted Contacts Daemon
C / Python
Secure CLI-based contacts manager. AES-256-GCM for confidentiality / integrity / authentication; keys derived from a master password via PBKDF2-HMAC-SHA256 (150k iterations, per-record salt). All crypto via OpenSSL.
Venice Firewall - AI-Assisted Network Filter
Python / C / Shell
Integrates offline AI models and online AI services to analyse traffic patterns, detect anomalies, and resolve filtering decisions automatically. Real-time adaptive filtering with admin mail messaging.
MAC Address Randomizer Daemon
Python / Shell
Privacy-focused systemd service that periodically randomises MAC addresses for all active interfaces via macchanger. Arch / Debian / Fedora support, dynamic interface detection, and a kill-switch that blocks the network if spoofing fails.
Technical Skills
Languages: Ruby, Python, C / C++, Bash, x86 / x86-64 Assembly, JavaScript
Reverse Engineering: Ghidra, gdb, Binary Ninja, objdump, xxd, YARA
Pentesting: Metasploit, Nmap, Wireshark, Burp Suite, Impacket, Rubeus
CTF Platforms: HackTheBox, TryHackMe, OverTheWire, WeChall
AD & Auth: Kerberos, ADCS ESC1-ESC16, Kerberoasting, Pass-the-Hash, Golden / Silver Ticket, PKINIT, LDAP Schannel
Cryptography: OpenSSL, ASN.1, DER / PEM, X.509, AES-GCM, PBKDF2
ML / Data: PyTorch, TensorFlow, Keras, scikit-learn, NumPy, Pandas, Transformers, Ollama
Tooling: Git, RSpec, pytest, systemd, Kali Linux, BlackArch, Parrot OS
Certifications
- · OSCP - Offensive Security Certified Professional (in progress)
- · CompTIA Security+ (in progress)
- · CEH - Certified Ethical Hacker (EC-Council) (in progress)
- · RSCIT Computer Diploma - Government of Rajasthan (completed)
Profiles & Languages
- WeChallrootanonymous
- X (Twitter)@pushpender5177
- Slack@Pushpender (Metasploit)
- LanguagesEnglish, Hindi