GitHub - karandesai2005/karandesai2005

🧑‍💻 About Me

┌─────────────────────────────────────────────────────────┐
│  karan@security:~$ whoami                               │
│                                                         │
│  ▸ 3rd-year CS undergrad @ Symbiosis Institute of Tech  │
│  ▸ eJPT certified penetration tester                   │
│  ▸ GSoC 2026 applicant → Metasploit / Honeynet Project  │
│  ▸ Co-founded a startup, shipped to 100+ users         │
│  ▸ Building Maya: an autonomous deception framework     │
│  ▸ CTF player, home lab operator, open-source lurker   │
└─────────────────────────────────────────────────────────┘

🔐 I work at the intersection of offensive security, container infrastructure, and systems programming
🚀 GSoC 2026: Proposing build_vuln — automated vulnerable environment provisioning for Metasploit Framework (Ruby · Docker · Podman · OCI)
🎭 Currently designing Maya, an autonomous honeypot platform with CRDT-based state sync and MITRE ATT&CK mapping
🏴‍☠️ Regular CTF player (web, networking, forensics, OSINT)
📝 I write on Medium about networking, distributed systems, and security
📫 desaikaran.me@gmail.com · Portfolio

🌱 GSoC 2026 — Metasploit Framework

Project: Automated Vulnerable Environment Provisioning Organisation: The Honeynet Project → Metasploit (Rapid7)

Metasploit ships hundreds of exploit modules but has no first-class way to provision matching targets. I'm building that:

Component	Description
`vuln_env.yml` schema	Per-module YAML config declaring OCI image, ports, healthchecks
`build_vuln` command	New msfconsole command that spins up containers on demand
Rootless Podman support	Works on hardened machines without Docker Desktop
10+ environment definitions	Shellshock, EternalBlue, Drupalgeddon2, HeartBleed, and more
GitHub Actions pipeline	Auto-builds and publishes images to `ghcr.io/rapid7/msf-vuln`

msf6 exploit(linux/http/apache_mod_cgi_bash_env) > build_vuln
[*] Pulling ghcr.io/rapid7/msf-vuln/apache-shellshock:latest ...
[*] Starting container msf_vuln_abc123 ...
[+] Environment ready. Set RHOSTS 127.0.0.1, RPORT 8080

📄 Read the full proposal · 🏗️ Tracking issue (WIP)

🔨 Featured Projects

🎭 Maya — Autonomous Deception Framework

Security · Distributed Systems · ML

Autonomous honeypot/deception platform that detects and contains post-compromise attackers using parallel shadow infrastructure.

CRDT-based state sync for consistent attacker identity tracking across distributed nodes
Adaptive responses based on observed attacker TTPs
Full MITRE ATT&CK mapping for structured threat intel

🔒 Rootless — Secure Pentesting Console

Electron · FastAPI · Go · Firejail

Sandboxed pentesting console that isolates every tool execution using Firejail — no unsafe sudo, no VM overhead.

Layered arch: Electron → FastAPI → Go execution engine
Least-privilege model with per-session filesystem restrictions
Process-level isolation as a first-class design constraint

🏠 Cybersecurity Home Lab

Proxmox · pfSense · VLANs · Splunk

Enterprise-grade virtualized lab with VLAN segmentation, firewall policies, and isolated attack/defense subnets.

Wireshark traffic analysis + Splunk SIEM correlation
Full exploitation → lateral movement → detection pipeline
Simulated intrusion scenarios in a safe, controlled environment

📡 TraceProbe — Real-Time Log Analysis

Apache Kafka · Apache Flink

Streaming log ingestion and anomaly detection pipeline using Kafka for messaging and Flink for stateful processing.

Alert rules surface suspicious patterns as they happen
Reduced MTTD on simulated security events

🛡️ Security Philosophy

> "If it needs sudo, it needs isolation."
> "Build for the attacker's perspective, not just the happy path."
> "Reproducibility is a security property."

I care deeply about:

Least privilege — every process, every container, every API call
Attack surface reduction — fewer moving parts, fewer failure modes
Reproducible environments — ad-hoc setups are the enemy of good security testing
Fail safely — design for breach, not just prevention