Hi, I'm Dheeraj!
Information Technology Engineer, Cybersecurity Professional
I am Dheeraj Birapuneni, an Information Technology Engineer with a strong focus on cybersecurity, cloud infrastructure, and system administration. I hold an M.Sc. in Cybersecurity from the National College of Ireland, where I developed a deep understanding of network security, cloud architecture, and data protection. My passion for technology drives me to continuously learn and apply security best practices to protect digital environments.
With hands-on experience in cloud platforms, security testing, and system administration, I have successfully managed and secured various IT systems and web applications. I am skilled in identifying and mitigating security vulnerabilities, implementing robust security measures, and optimizing cloud infrastructure for performance and security.
Through my academic and professional projects, I have gained valuable experience in securing cloud-hosted applications, conducting vulnerability assessments, and developing security strategies to protect both systems and data. I am excited to apply my expertise to contribute to innovative projects and help organizations achieve their IT and security goals.
- Languages: Python, PowerShell, SQL, C++, Regex
- Security Testing: OWASP ZAP, Burp Suite, Metasploit, Aircrack-ng, Hashcat, JohnTheRipper, Snyk
- Security Tools: FOSSA, Flake8, SonarQube, Microfocus Fortify, Contrast
- DevSecOps: Azure DevOps, Docker, Kubernetes
- Compliance & Frameworks: NIST, PCI DSS, Threat Modelling, OWASP Top 10 Mitigation
- Infrastructure: Linux & Windows Admin, Virtualization (VMware), Networking, Firewalls, IDS/IPS
- SIEM & Monitoring: Splunk, Datadog
- ITSM: ServiceNow, JIRA, Confluence
- The main objective was to host a secure web application using a cloud platform (AWS) with a focus on security implementations. I deployed a WordPress blog website (onedarkyear.tech) using AWS EC2 instances and applied various security features, including AWS security tools and WordPress plugins, to safeguard the application against potential threats. This project also includes comprehensive vulnerability assessments and risk mitigation strategies to ensure the highest level of security.
- This project delved into modern Java's functional programming paradigm, assessing its ability to promote modular, secure, and side-effect-free code structures. Alongside, I conducted an in-depth security audit of a Java-based library management application using both automated tools and manual review techniques. The aim was to identify critical vulnerabilities and reinforce secure coding principles within real-world applications.
- In this cybersecurity research project, I analyzed the Lethic Botnet, one of the most infamous spamming botnets of the late 2000s. I examined its infection vectors, C2 architecture, and takedown strategies. This investigation provided a historical and technical understanding of botnet ecosystems, contributing to a stronger foundation in modern threat intelligence.
- This research project focused on analyzing a major mobile security incident, "The CamScanner breach" of 2019. I thoroughly investigated the underlying Trojan-Dropper.AndroidOS.Necro.n malware dissected its distribution through legitimate platforms and documented the consequences of compromised third-party SDKs. The study highlighted the urgency of supply chain security in mobile app development.
- I set up a dedicated virtual malware lab to analyze the infamous GameOver Zeus malware. This hands-on project allowed for safe static and dynamic analysis, revealing how the malware communicated with its P2P network, spread through spam/phishing, and executed credential theft. It was a practical exercise in reverse engineering and threat containment in a sandboxed environment.
- This offensive security exercise involved exploiting CVE-2022-28368 to gain unauthorized root access on a vulnerable network service. The objective was to simulate a real-world breach, demonstrate privilege escalation, and produce a comprehensive vulnerability report. It sharpened my practical exploitation skills and emphasized the importance of secure configuration and patching.
- This academic research project explored the evolution of computer viruses from the 1980s to the early 2000s. By analyzing four iconic malware — Brain, Michelangelo, CIH, and Melissa. I aimed to understand how these early threats shaped the cybersecurity strategies we use today. The study offered insight into shifting attack trends and defensive mechanisms.
- This project combined networking and security by designing a home-based gaming network and stress-testing it against modern IoT-related vulnerabilities. Through simulation of known CVEs and application of best practices in segmentation and hardening, I created a robust architecture tailored to both performance and cybersecurity needs in smart homes.
- This red team-focused project involved developing a custom cyber-espionage toolkit to simulate insider threats. The suite included Python-based keylogging, clipboard logging, screen capturing, and audio surveillance modules. It served as both a proof of concept for offensive capabilities and an exploration of defense evasion tactics.
- In this machine learning project, I enhanced a biometric recognition system to support multi-modal inputs including faces, gestures, and surrounding objects. Using CNNs trained on custom datasets and real-time video feeds, I built a versatile recognition engine suitable for smart surveillance or accessibility systems.
- This project featured the end-to-end development of an IoT-based weather station named "Cloud Cover" using the NodeMCU ESP8266 microcontroller and DHT11 sensors. It involved hardware programming, sensor data acquisition, and real-time cloud dashboard integration, demonstrating the practical potential of smart environmental monitoring.
I had the opportunity to volunteer with OWASP (Open Web Application Security Project), where I played a crucial role in the logistics and coordination of a large-scale cybersecurity conference. I was responsible for handling pre-conference preparations, including participant registration and coordinating with sponsors and exhibitors. During the event, I provided technical support for audiovisual systems, ensuring smooth presentations and live sessions for over 1,500 attendees. My efforts were well-received, and I gained valuable experience in managing the technical and operational aspects of large-scale tech events.
As a core team member of the Google Developer Students Club, I organized and led over five workshops and hackathons focused on various technologies, including web development, AI, and cybersecurity. These events attracted a significant number of participants, resulting in a 30% increase in engagement. I also mentored students on coding projects and open-source contributions, helping them enhance their skills and build confidence in their technical abilities. This experience taught me the importance of knowledge sharing and fostering a collaborative environment, which I continue to practice in my professional life.
I served as the Community Manager for the Kruptos Security Club, where I organized and facilitated multiple cybersecurity hackathons and workshops aimed at educating students about the latest trends in cybersecurity. I successfully led initiatives that boosted member participation by 40%, creating a vibrant community of over 100 students who regularly engaged in hands-on learning activities. The workshops I organized covered topics such as ethical hacking, penetration testing, and network security, helping participants gain practical experience in real-world cybersecurity challenges. My leadership in the club not only promoted cybersecurity awareness but also fostered a community that prioritized continuous learning and professional development. Recently volunteered at Gamer Fest Ireland, setting up and configuring gaming systems for NBA2K, COD, and Tekken. Collaborated with the event team to optimize system performance and ensure smooth operations throughout the weekend. Provided real-time technical support and troubleshooted issues. This experience enhanced my technical and problem-solving skills in a dynamic event environment. Cybersecurity and Mobility, Coursera - Kennesaw State University
Introduction to Artificial Intelligence (AI), Coursera - IBM