Security Engineer & Penetration Tester

Building tools that
break and defend.

I'm Bhargav Raj Dutta, a security engineer based in Dubai. I spend my days on offensive security, penetration testing, and CTF challenge development at Exploit3rs Cyber Security Academy, and build security tools and platforms as a hobby.

GitHub LinkedIn View Projects
Bhargav Raj Dutta
About

Who I Am

I'm a Security Engineer and Penetration Tester with a Bachelor of IT in Cybersecurity & Digital Forensics from Murdoch University Dubai. Currently at Exploit3rs Cyber Security Academy, I work on offensive security operations, build CTF challenges based on real-world CVEs, develop cloud security infrastructure on AWS, and create cybersecurity training content for the UAE and GCC region.

Outside of work, I love building things. Most of the projects you see here are personal builds, from threat intelligence platforms and vulnerability scanners to phishing simulation infrastructure and AI-powered detection tools. I believe the best way to understand security is to build both the attack and the defense.

Core Skills
Penetration Testing Vulnerability Research CTF Development Cloud Security (AWS) Python Docker Network Analysis Digital Forensics MITRE ATT&CK Reverse Engineering Web App Security React / Next.js Flask / FastAPI Linux Wireshark Nmap Burp Suite Metasploit
Bhargav Raj Dutta Bhargav at GITEX Cyber Security
100+
Certifications
20+
Projects Built
4th
RIFT CTF 2025
30+
CTF Challenges Authored
Experience

Where I've Worked

Offensive Lab Engineer & CTF Specialist
Exploit3rs Cyber Security Academy, Dubai
2025 — Present
  • Design and build CTF challenges based on real-world CVEs across web exploitation, forensics, reverse engineering, and cryptography categories
  • Conduct authorized penetration testing on company infrastructure and client-facing applications
  • Manage AWS cloud infrastructure including ECR, Lambda, DynamoDB, S3, and EC2 for challenge deployment
  • Develop cybersecurity training content, webinars, and hands-on labs targeting the UAE and GCC market
  • Built a serverless certificate generation system processing 500+ certificates in under 60 seconds
  • Created and deployed phishing simulation infrastructure using GoPhish and Mailcow on AWS
Exploit3rs Cyber Security Academy
Information Technology Intern
Banke International Properties, Dubai, UAE · On-site
Jul 2025 — Sep 2025
  • Developed and maintained full-stack web applications (frontend & backend) using Angular, React.js, Laravel (PHP), REST APIs, HTML, CSS, and JavaScript
  • Performed vulnerability assessments of the company's IT infrastructure, documented findings, and prepared security reports to guide remediation
  • Built and tested REST API integrations to connect Angular frontends with Laravel backends, improving data flow for internal property systems
  • Gained hands-on experience in cloud services used by Banke to support scalability and secure application deployment
  • Strengthened full-stack development skills by working across frontend, backend, and database layers while collaborating with senior developers
Bhargav at Banke International Properties Bhargav receiving certificate at Banke
Cyber Security Hands-on Training Program
Kreativstorm, Germany · Remote · Apprenticeship
Mar 2024 — May 2024
  • Completed an intensive cybersecurity training program focused on penetration testing and ethical hacking
  • Developed and executed penetration tests, vulnerability assessments, and web application exploits
  • Automated forensics analysis with custom Python scripts, improving threat detection speed
  • Utilized security tools such as Nmap, Burp Suite, Hydra, and Hashcat for hands-on learning
  • Built secure web applications, implementing robust security controls following industry best practices
  • Consistently ranked among top performers in monthly CTF challenges
Kreativstorm Certificate
Education

Where I've Studied

Bachelor's of Information Technology, Cyber Security and Digital Forensics
Murdoch University Dubai
May 2023 — Jan 2026
GPA: 3.00 / 4.00
  • Graduated with a Bachelor of Information Technology majoring in Cybersecurity and Digital Forensics
  • Developed strong foundations in network security, computer forensics, security architecture, intelligent systems, business intelligence, and IT infrastructure
  • Capstone: Designed and implemented an ISO 27001-aligned ISMS with NIST CSF and SOCI Act compliance mapping
  • Runner-up at the 2025 Winter Hackathon for building a Pharmacy Drug Interaction Tool
  • Active participant in university hackathons, technical quizzes, cybersecurity workshops, guest lectures, and industry-focused events
  • Completed multiple technical and analytical projects focused on cloud security, system architecture, and defensive cybersecurity operations
Bhargav at Murdoch University Dubai
Projects

Things I've Built

Personal projects and hobby builds. I enjoy creating security tools, platforms, and exploring offensive and defensive techniques hands-on.

SENTINEL : Threat Intelligence Platform
Full-stack TIP aggregating IOCs from 10+ threat feeds with WHOIS/DNS/GeoIP enrichment, weighted threat scoring (0-100), MITRE ATT&CK heatmap, and a real-time SOC dashboard. STIX 2.1 export.
Next.js 14FastAPIPostgreSQLRedisDockerD3.js
AI Financial Fraud Graph Engine
Production-grade fraud detection system using graph analysis to model relationships between financial entities and detect fraud patterns in real-time.
PythonGraph AnalysisMLFull-Stack
Vulnerability Scanner
Non-invasive security scanner with real-time results: port scanning, SSL/TLS analysis, security headers check, server detection, and HTTP method enumeration. Redis-backed job queue.
Next.jsPythonRedisTypeScript
Reconnaissance Lab
Interactive terminal simulator for reconnaissance training. 5-step chain: WHOIS, subfinder, nslookup, nmap, nuclei. MITRE ATT&CK mapped (T1592, T1590, T1595). Dockerized.
PythonFlaskDockerJavaScript
SecureVault Password Manager
NIST SP 800-63B compliant desktop password manager with PBKDF2 (600K iterations), Fernet encryption, passphrase generator, entropy analyzer, and brute-force time calculator.
PythonCryptographyPBKDF2CustomTkinter
PathForge Career Platform
Career guidance platform matching cybersecurity students to best-fit roles with AI-powered salary data, job market trends, and personalized 90-day learning roadmaps.
React 19TypeScriptViteGemini API
AI Phishing Email Detector
ML-powered phishing detection with 97%+ accuracy using logistic regression, TF-IDF vectorization, real-time confidence scoring, and a detailed phishing indicator explanation system.
Pythonscikit-learnNLPTF-IDF
AWS Certificate Generation System
Serverless system automating certificate generation for CTF events and workshops. RESTful API with webhook support, async queue processing, and bulk operations (500+ in under 60s).
AWS LambdaAPI GatewaySQSS3DynamoDB
Phishing Simulation Infrastructure
Full phishing simulation stack with GoPhish + Mailcow on Docker. Deployed on AWS EC2 with SMTP integration and 10 social engineering templates for security awareness training.
GoPhishMailcowDockerAWS EC2
AI Expert System for Cybersecurity Tools
Rule-based expert system helping SMEs select cybersecurity tools using forward-chaining inference. 86% accuracy, 0.45s response time, 8+/10 user satisfaction.
PythonTkinterKnowledge Engineering
CVE-2023-32784 KeePass Exploitation
Security analysis and PoC exploitation of the KeePass memory leakage vulnerability. Demonstrated master password recovery from memory dumps via .NET string handling flaw.
CVE AnalysisMemory ForensicsVMwarePython
Automated Log Analyzer
Python tool automating security log analysis. Regex-based detection of failed login patterns, suspicious IP identification, and visual reporting with Matplotlib bar charts.
PythonRegexMatplotlibTkinter

...and many more

Check out my LinkedIn and GitHub for more projects

Certifications

100+ Credentials

A selection of certifications across cybersecurity, cloud, AI, and development. Grouped by issuer. Check my LinkedIn for full certification credentials with verification links.

Google 14
Google Cybersecurity Professional CertificateMar 2024
Google Cloud CybersecurityApr 2025
Cloud Security Risks: Identify and Protect Against ThreatsApr 2025
Detect, Respond, and Recover from Cloud Cybersecurity AttacksApr 2025
Strategies for Cloud Security Risk ManagementApr 2025
Introduction to Security Principles in Cloud ComputingApr 2025
Google Analytics CertificationSep 2025
Google Ads Search CertificationOct 2025
Google AI EssentialsOct 2024
Introduction to Generative AIFeb 2024
Automate Cybersecurity Tasks with PythonMar 2024
Sound the Alarm: Detection and ResponseMar 2024
Tools of the Trade: Linux and SQLMar 2024
Technical Support FundamentalsOct 2024
Oracle 3
OCI 2024 Certified Foundations AssociateDec 2024
OCI 2024 AI Foundations AssociateAug 2024
OCI 2023 AI Foundations Associate2024
Amazon Web Services (AWS) 7
Introduction to Amazon DynamoDBNov 2025
Introduction to AWS IAMSep 2025
AWS Compute Services OverviewJun 2025
Amazon Bedrock Getting StartedAug 2024
AWS Cloud Essentials2024
AWS Billing and Cost ManagementJul 2024
Job Roles in the Cloud2024
IBM 5
Generative AI for Cybersecurity Professionals SpecializationJan 2026
Generative AI: Boost Your Cybersecurity CareerJan 2026
Generative AI: Prompt Engineering BasicsJan 2026
Generative AI: Introduction and ApplicationsJan 2026
Introduction to Cybersecurity Tools & CyberattacksOct 2024
MongoDB 10
MongoDB AggregationJan 2025
CRUD Operations: Modifying Query ResultsJan 2025
CRUD Operations: Replace and Delete DocumentsJan 2025
Building RAG Applications with Atlas Vector SearchDec 2024
Building AI Apps with MongoDB on AWSDec 2024
Semantic Search for AWS UsersDec 2024
Introduction to AI and Vector SearchDec 2024
Getting Started with MongoDB AtlasDec 2024
Connecting to a MongoDB DatabaseDec 2024
MongoDB and the Document ModelDec 2024
OPSWAT 6
Secure Storage Associate (OSSA)Nov 2025
Email Security Associate (OESA)Jul 2025
Data Transfer Security Associate (ODSA)Jun 2025
Web Traffic Protection Associate (OWPA)May 2025
File Security Associate (OFSA)May 2025
Introduction to Critical Infrastructure ProtectionMay 2024
Security Blue Team 4
Introduction to Network AnalysisMay 2024
Introduction to Digital ForensicsApr 2024
Introduction to Darkweb OperationsApr 2024
Mental Health in CybersecurityMar 2024
EC-Council 6
Python for Absolute BeginnersOct 2024
Android Bug Bounty Hunting2024
Cybersecurity for BusinessesOct 2024
SQL Injection AttacksAug 2024
A Practical Introduction to Cloud ComputingAug 2024
Introduction to Dark Web, Anonymity, and CryptocurrencyAug 2024
Cisco, Databricks, Fortinet & Others 15+
Cisco Network DefenseJul 2024
Cisco Introduction to CybersecurityJan 2024
Databricks Generative AI FundamentalsOct 2025
Databricks AI Security FundamentalsNov 2025
Fortinet Introduction to the Threat Landscape 2.02024
CyberWarFare Labs Certified Cyber Security Analyst (Premium)Jan 2025
arcX Foundation Threat Intelligence AnalystMay 2024
TCM Security Linux 100: FundamentalsSep 2025
ISC2 CandidateSep 2023
AttackIQ Strategic Cybersecurity ManagementAug 2024
University of London Introduction to Applied CryptographyMar 2024
University of Minnesota Cloud Security BasicsOct 2024
Metasploit for Beginners: Ethical Penetration TestingApr 2024
Kali Linux (Board Infinity)Apr 2024
Coventry University Fraud Investigation2024
Achievements

Highlights

RIFT CTF 2025 RIFT CTF 2025 Team
4th Place, RIFT CTF 2025
GDG BITS Dubai CTF competition
Hackathon Certificate Bhargav at Murdoch Hackathon Bhargav with Hackathon Certificate
Runner-Up, Murdoch Hackathon 2025
Built Pharmacy Drug Interaction Tool
Sharjah Police CTF Group Photo Bhargav at Sharjah Police CTF Bhargav at Sharjah Police CTF venue
15th / 200, Sharjah Police CTF
Solved 9 of 11 flags
Contact

Get In Touch

Open to opportunities in security engineering and penetration testing. Feel free to reach out.

GitHub
dev0558
LinkedIn
bhargav-raj-dutta
Email
bhargavrajdutta685@gmail.com
Location
Dubai, UAE