Security Researcher · Systems Engineer · Hacker

Het Rutul
Joshi

Graduate student at Northeastern University. Architecting distributed systems, hunting network vulnerabilities, and dismantling tracking infrastructures. From securing ISRO's LIDAR sensors to exposing how Smart TVs fingerprint user data.

Het Rutul Joshi Profile Picture
Scroll to begin
1
Book Chapter
1
Published Patent
30+
Workshops & Talks
Founded
Largest FOSS Community in India
1600+
Students Mentored
Chapter I — The Conviction

Beyond the
Syllabus

My philosophy is simple: "Everything is hackable, even your toothbrush." True engineering doesn't happen in a textbook; it happens when you break a system down to its silicon and rebuild it.

This conviction led to founding Mukti. What began as small weekend hackathons grew into one of the largest student Free and Open Source Software (FOSS) community in India. We scaled to a network of builders shipping real code, democratizing technology, and reclaiming our digital autonomy.

The mission was always the same: democratize access to real engineering knowledge — not the kind you get from a lecture, but the kind you earn by breaking things and rebuilding them better.

"I am a man and all that affects mankind concerns me." Bhagat Singh
Chapter II — ISRO · IIT Bombay · The Research Years

Defending the
Architecture

Two institutions. Two very different scales of infrastructure. The same question at the core: how do you secure systems that the world depends on but barely understands?

Apr — Jun 2024
Bengaluru
Systems & Software Security Intern
Indian Space Research Organisation (ISRO)
Developed and secured a communication protocol for LIDAR sensor data on an embedded system. When you are writing code for aerospace hardware, failure means losing a satellite's eyes. Memory safety and secure boot chains are not optional.
May 2024 —
May 2025
Security Researcher
Indian Institute of Technology, Bombay
Investigated the hidden topology of tunnel-based reverse proxies (like Ngrok) under Prof. Devashish Gosain at IITB's Trust Lab. Analyzed their performance metrics, mapped their deep privacy implications, and modeled their viability as TOR relays.
You can read my experience in detail over here.
  • Book Chapter
    Cryptographic Bastions
    Published by CRC Press · Explores cloud security, access control, and encryption. Read Here
  • Patent
    CHARGE GUARD: Method for early detection of DDoS attacks
    Published by Gov. of India · Kernel-level mitigation for EV charging infrastructure
"A ship in harbor is safe, but that is not what ships are built for." John A. Shedd
Chapter III — The Present

Northeastern
University

M.S. in Computer Science at Northeastern University. The focus has sharpened: network security, systems engineering, and low-level system architecture — working at the intersection where research meets real infrastructure.

2025 — Present
Boston, MA
Research Apprentice
Under Prof. David Choffnes
Explored the invasive nature of Smart TVs at the Mon(IoT)r Lab. Dissecting Automatic Content Recognition (ACR) systems across major brands to map exactly how embedded hardware fingerprints user data.
Oct 2024 —
Jun 2025
Teaching Assistant
Ramaiah Institute of Technology, Bangalore
Delivered lectures on Network Security, and Data Communication Networks to 120+ students. Understanding a system well enough to secure it means understanding it well enough to teach it.
Recognition

Honors & Distinctions

Apprenticeship
Awarded Khoury Graduate Apprenticeship
@ Northeastern University. Research focusing on ACR systems, smart TV user privacy, and network fingerprinting.
Community
Founder — Mukti FOSS Community
One of the largest student open-source communities in India. Leading FOSS advocacy and engineering.
Research
Security Researcher — IIT Bombay
Lead Author on research looking into Ngrok reverse proxy performance and TOR relay potential.
Speaker
Awarded 'Top Speaker' at FOSSMeet'24 and '25
Delivered engaging workshops and talks on digital privacy, anonimity and threats in cyber security at NIT Claicut.
Arsenal

Selected Work

01
Kavaach: OCPP Testbed

Built the first de-facto OCPP testbed replicating real-world EV charging stations. Enabled simulation of attacks like SYN floods and billing exploits, empowering academia to research cybersecurity solutions for EV networks.

Network Security Raspberry Pi DDoS Mitigation
02
SSHRead: SSH Username based Covert Channel

This project investigates the security vulnerability of covert channels within the SSH protocol, specifically addressing how data can be exfiltrated through authentication metadata rather than established connections.

Python SSH Log Analysis
03
NETRA: AIRS

A real-time Automated Incident Response System integrating threat detection, decentralized threat intelligence, and self-healing infrastructure using PySpark and ZeroMQ.

PySpark ZeroMQ Post-Quantum
04
Sanjay: Malicious AP Detector

A CLI tool to detect malicious or insecure Wi-Fi networks through active and passive scanning. Identifies threats like Evil Twin, Honeypots, and Deauth attacks using Scapy and Python.

Python Bash WiFi Security