REGAAN

01. About Me

I am a Security Researcher and Full-Stack Engineer specializing in Offensive Security, Systems Programming, and Mobile Application Security.

From building custom compilers like RedLang to architecting secure learning platforms like Rothackers, I bridge the gap between low-level exploitation and scalable software engineering.

With 4+ years of experience, I build robust, scalable applications while simultaneously breaking them to ensure maximum security. My expertise spans penetration testing, secure backend design, real-time systems, and AI/LLM integrations.

Offensive Security

Systems Programming

Mobile Security

02. Technical Arsenal

WebSocket Security

Penetration Testing

OWASP Top 10

OAST

Session Hijacking

XSS / SQLi

SSRF / XXE

WAF Bypass

Python

JavaScript

TypeScript

Java

SQL

React

Next.js

Node.js

Express

Playwright

Docker

Burp Suite

OWASP ZAP

Git Forensics

MongoDB

03. Experience

Workshop Instructor — Modern Cyber Attack Engineering

eHackify

▹Delivered a 2.5-hour workshop covering malware development concepts, reverse engineering, exploitation flows, C2 frameworks, OPSEC, and red-team methodology.

Full Stack Developer & Security Engineer

ROT Hackers

▹Built and maintained full-stack applications using React, Node.js, and real-time WebSocket systems.
▹Implemented authentication hardening, API security controls, and session-management defenses.
▹Deployed backend services using Docker, PM2, and CI/CD workflows.
▹Developed internal automation tools for vulnerability testing and diagnostics.

Independent Study — Cybersecurity & Software Engineering

Self-Directed

▹Focused on offensive security, secure full-stack engineering, AI systems, and tool development through structured hands-on learning.

04. Featured Projects

Maya - Esports Tournament Platform

A production-grade esports tournament management system featuring real-time room updates, team verification, and integrated monetization.

React NativeWebSocketsAdMobFirebase

WSHawk v2.0

A modern exploitation-driven WebSocket vulnerability scanner. Designed modular scanning engine detecting 10+ WebSocket vulnerability classes with 22,000+ attack payloads.

PythonWebSocketsSecurity ToolOpen Source

Rothackers Mobile & Backend

The core learning platform featuring a React Native mobile app with E2EE and a Node.js/MySQL backend with real-time features.

React NativeNode.jsMySQLRedisWebRTCSocket.io

Rothackers Admin Dashboard

Comprehensive analytics and content management system for the mobile app. Built with Next.js 15, features real-time data visualization.

Next.js 15Tailwind CSSRechartsFramer Motion

Rothackers Masterclass

A separate educational website featuring 3D interactive elements and authentication. Built with Next.js 14 and Three.js.

Next.js 14Three.jsClerk AuthPWA

Rothackers Academy

A modern SaaS learning platform with AI-powered features. Built with Next.js 15, Drizzle ORM, and Google Gemini AI.

Next.js 15Drizzle ORMStripeGoogle Gemini AI

Rothackers Red Team C2

Advanced multi-platform C2 framework featuring a Go-based Windows Trojan and a macOS Supply Chain Implant that bypasses Gatekeeper.

GoPythonRedismacOS/WindowsMalware Dev

Android Malware Framework

A production-grade Android 15 malware framework featuring Smali bytecode injection, Redis-backed C2, and real-time data exfiltration.

SmaliAndroid InternalPythonRedisReverse Engineering

RedLang

A custom systems programming language designed for offensive security. Features a full LLVM-based compiler, Language Server (LSP), and built-in security primitives.

C++LLVMCompiler DesignOffensive Security

SQLMap Tamper Collection

A comprehensive framework of custom tamper scripts for SQLMap to bypass modern WAFs and filters during SQL injection testing.

PythonSQL InjectionWAF BypassSecurity Tool

OffSec Echo Writeups

Comprehensive writeups for 9 weeks of advanced security challenges covering malware analysis, forensics, and cloud exploitation.

Technical WritingMalware AnalysisForensics

Initialize Connection?

Whether you have a question, a project idea, or just want to discuss the latest in security research, my inbox is always open.

GitHub

View Resume_

System Status: ONLINE