REGAAN

01. About Me

I am a Security Researcher and Full-Stack Engineer specializing in Offensive Security, Systems Programming, and Mobile Application Security.

From building custom compilers like RedLang and Keikaku to architecting secure learning platforms like Rothackers, I bridge the gap between low-level exploitation and scalable software engineering.

With 4+ years of experience, I build robust, scalable applications while simultaneously breaking them to ensure maximum security. My expertise spans penetration testing, secure backend design, real-time systems, and AI/LLM integrations.

Offensive Security
Systems Programming
Mobile Security

02. Technical Arsenal

WebSocket Security
Penetration Testing
OWASP Top 10
OAST
Session Hijacking
XSS / SQLi
SSRF / XXE
WAF Bypass
Python
JavaScript
TypeScript
Go
Java
SQL
React
Next.js
Node.js
Express
Playwright
Docker
Burp Suite
OWASP ZAP
Git Forensics
MongoDB
Compiler Design
LLVM
Systems Programming

03. Experience

  • Leading an intensive 30-day certification program on Mobile App Development using MIT App Inventor.
  • Covering full-stack logic, API integration, and database management for mobile environments.
  • Mentoring 50+ students through the end-to-end lifecycle of production-ready mobile applications.

Guest Speaker — Cybersecurity Fundamentals

  • Delivered a 4-hour comprehensive workshop on modern cybersecurity landscapes and offensive R&D.
  • Introduced students to vulnerability research, secure coding practices, and industry career paths.

Workshop Instructor — Modern Cyber Attack Engineering

eHackify
  • Delivered a 2.5-hour workshop covering malware development concepts, reverse engineering, exploitation flows, C2 frameworks, OPSEC, and red-team methodology.

Security Research Engineer

ROT Independent Security Research Lab
  • Leading offensive R&D and engineering production-grade security artifacts, specializing in high-performance fuzzer development and protocol research.
  • Architected WSHawk, achieving benchmarks of 350k+ executions/sec using raw syscall optimization in Go for distributed vulnerability discovery.
  • Developing AI/LLM security frameworks (Basilisk) for automated red teaming and genetic prompt evolution, achieving zero-false-positive XSS verification.
  • Managing community-driven open-source projects with significant real-world adoption (900+ repository clones in 14 days).

Independent Study — Cybersecurity & Software Engineering

Self-Directed
  • Focused on offensive security, secure full-stack engineering, AI systems, and tool development through structured hands-on learning.

04. Featured Projects

Keikaku (計画) Language

A dynamic, interpreted programming language designed for masterminds. Features advanced generators, native async/await, and deterministic control flow constructs.

Python, Interpreter, Compiler Design, Systems Programming

OffSec Echo Writeups

Comprehensive writeups for 9 weeks of advanced security challenges covering malware analysis, forensics, and cloud exploitation.

Technical Writing, Malware Analysis, Forensics

WSHawk

Enterprise WebSocket security scanner. Features Multiplayer Red Team mode, CyberNode visual attack chaining, AI Highlight-to-Hack, and Headless DOM Invader for zero-false-positive XSS.

Python, WebSockets, Desktop App, Smart Payload Evolution

Basilisk v0.1.0

AI/LLM red teaming framework with genetic prompt evolution. 29 attack modules across 8 categories, OWASP LLM Top 10 coverage, and Smart Prompt Evolution (SPE-NL) engine.

Python, AI/LLM Security, Desktop App, Genetic Algorithms

ProtoCrash

Coverage-guided protocol fuzzer for vulnerability discovery. Features distributed fuzzing, smart mutation engine, and automated crash analysis.

Python, Fuzzing, Security Tool, PyPI, Distributed Systems

PoCSmith

AI-powered proof-of-concept generator for security research. Fine-tuned CodeLlama-7B model trained on 1,472 exploit samples achieving 78.4% token accuracy.

Python, AI/ML, Security Tool, PyPI, Hugging Face

Rothackers Mobile & Backend

The core learning platform featuring a React Native mobile app with E2EE and a Node.js/MySQL backend with real-time features.

React Native, Node.js, MySQL, Redis, WebRTC, Socket.io

Rothackers Admin Dashboard

Comprehensive analytics and content management system for the mobile app. Built with Next.js 15, features real-time data visualization.

Next.js 15, Tailwind CSS, Recharts, Framer Motion

Rothackers Research Hub

An open-source offensive security research hub. Engineering battle-tested methodologies into production-grade artifacts like WSHawk, Keikaku, ProtoCrash, and PoCSmith.

Offensive Security, Research, Next.js, Open Source Tools

Rothackers Masterclass

Separate educational platform with interactive course content and authentication. Built for self-paced learning.

Next.js, Authentication, PWA

Rothackers Academy

A modern SaaS learning platform with AI-powered features. Built with Next.js 15, Drizzle ORM, and Google Gemini AI.

Next.js 15, Drizzle ORM, Stripe, Google Gemini AI

Rothackers Adversary Simulation System

A high-performance command & control (C2) infrastructure for enterprise-scale adversary simulation. Features a Go-based Windows agent with direct syscall execution and a macOS persistence module designed to audit Gatekeeper security mechanisms.

Go, Python, Redis, macOS/Windows, Adversary Simulation

Mobile Security Research Framework

A specialized Android posture assessment engine utilizing direct Smali bytecode injection and multi-threaded data instrumentation for security auditing of Android 15 environments.

Smali, Android Internals, Python, Redis, Security Auditing

RedLang

A custom systems programming language designed for security research. Features a full LLVM-based compiler, Language Server (LSP), and built-in low-level primitives.

C++, LLVM, Compiler Design, Security Research

SQL Tamper Framework v2.1.0

Enterprise-grade, context-aware SQL transformation framework for bypassing modern WAFs (AWS, Cloudflare, Akamai). Features custom lexer, AST analysis, and automated Docker/PyPI distribution.

Python, WAF Bypass, AST Analysis, DevOps

Maya - Esports Analytics Platform

A finished production-grade tournament management system. Demonstrated capability in handling real-time high-concurrency systems, team verification protocols, and mobile monetization.

React Native, WebSockets, AdMob, Infrastructure

Initialize Connection?

Whether you have a question, a project idea, or just want to discuss the latest in security research, my inbox is always open.

© 2026 Regaan. All systems operational.