REGAAN
Security Researcher • Offensive Engineer • Full-Stack Developer
Executive Summary
Security Researcher specializing in offensive security, protocol fuzzing, and security tooling. 4+ years building custom scanners, fuzzers, compilers, and adversary simulation systems in Go, C++, and Python. Creator of multiple open-source security tools with active community adoption.
Technical Proficiencies
WebSocket Security, Protocol Fuzzing, WAF Bypass, XSS/SQLi/SSRF Research, OAST, Red Teaming.
Go, C/C++, Python, Linux Internals, Windows Internals, Syscalls, TCP/IP, WebSockets, LLVM, Bytecode VMs.
Docker, Redis, PostgreSQL, Node.js, Next.js, Playwright, Burp Suite, Git Forensics.
LLM Red Teaming, Prompt Evolution, Genetic Algorithms (SPE), Local LLM Quantization.
Professional Experience
Guest Lecturer — Mobile App Development
FEB 2026 – MAR 2026- Delivered an intensive 30-day certification program on MIT App Development and Mobile Architecture.
- Mentored over 50+ students in building functional cross-platform applications, focusing on logic design and UI/UX.
- Facilitated hands-on labs for rapid prototyping and deployment of mobile-first secure interfaces.
Solo Researcher & Founding Architect
2020 – PRESENT- Designed and developed WSHawk, a WebSocket security testing framework with automated payload mutation (22k+ corpus) and headless DOM verification.
- Built 7 offensive security tools (Go, Python, C++) including protocol fuzzers, mutation engines, and vulnerability scanners.
- Engineered high-concurrency red team simulation infrastructure in Go using raw syscalls, achieving 350k+ executions/sec.
- Conduct independent research in protocol fuzzing, exploit automation, and offensive tooling, translating research concepts into practical offensive security tools and systems.
Key Security Projects
WSHawk — WebSocket Security Scanner
- Built in Go with distributed fuzzing architecture, genetic payload mutation, and headless DOM verification.
- Open-source adoption with 900+ repository clones and 120+ active developers in the last 14 days.
Basilisk — AI/LLM Red Teaming Framework
- AI/LLM Red Teaming framework for prompt attack simulation; 404 repository clones and 119 unique developers in the last 14 days.
- Implemented genetic prompt evolution for guardrail testing and automated prompt-evasion research.
Offensive Research
- ProtoCrash: Coverage-guided fuzzer achieving 350k execs/sec in distributed environments.
- PoCSmith: AI model fine-tuned on 1,400+ exploit samples for automated PoC generation.
- ROT C2: Simulation system in Go using direct syscalls for posture auditing.
Language Engineering
- RedLang: LLVM-based systems language for security research primitives.
- Keikaku: Interpreted language with native async/await and advanced generators.
Platform Development
- Developed a web-based offensive security workbench (Next.js 15, Redis, Socket.io) for real-time research collaboration.
- Architected and deployed a modern SaaS learning environment featuring Gemini-AI integration.
Achievements
- Maya Is Live — Published high-concurrency esports platform (10k+ capacity) to Play Store.
- CEH (Certified Ethical Hacker) — EC-Council Certification (2025-2026).
- OffSec Echo — Completed 9 weeks of intensive challenges in Forensics, Cloud, and Malware.
Education & Community
Independent Study — CS & Security
2020 – Present
Deep specialization in systems programming, compiler design, and automated vulnerability research.
- Workshop Instructor: Modern Cyber Attack Engineering (eHackify, 2025).
- Guest Speaker: 4-Hour Cybersecurity & Offensive R&D Workshop (Mohamed Sathak Polytechnic College, 2026).
- Open Source Contributor: WSHawk, Basilisk, and Protocol Fuzzing.