Open to work — Targeting Dubai, UAE

Raseen Naveeth

Cybersecurity Engineer & SOC Analyst

SIEM / Splunk · Honeypot Design · Hardware Hacking · Digital Forensics · Red Team · IEEE Published · IT Support L1/L2

  • 9 Cyber Projects
  • 2.4s Detection Latency
  • IEEE Published
  • 0 False Positives
  • Dubai Based · Apr '26

00 / Why Hire Me?

Not just a grad. A builder.

Most cybersecurity grads know the theory. I've actually built and broken AD environments, written Splunk correlation rules that fire in 2.4 seconds, and published the results in IEEE. That's the difference.

"The best way to understand how attackers think is to become one — in a controlled lab."

Attack + Defense Experience
Hands-on AD attack simulation — Kerberoasting, Pass-the-Hash, lateral movement. And built the detection system that catches all of it.
→ Proof: ShadowNet project

Real SIEM Integration
Not just "learned Splunk on YouTube." Built live correlation rules, dashboards, and alert pipelines on actual Splunk Enterprise.
→ Proof: 2.4s detection latency

IEEE Published Researcher
Final year project peer-reviewed and published at IEEE ICSSS 2025. Shows ability to document, present, and defend technical work.
→ Proof: ICSSS25CYB052

Practical SOC Workflow
Understands the full pipeline: attacker action → telemetry → SIEM indexing → correlation → alert → analyst response. End to end.
→ Proof: ShadowWatch dashboard

Broad Technical Range
From USB HID hardware attacks to Btrfs forensics to Wi-Fi deauth tools. Rare cross-domain skills that most grads don't have.
→ Proof: 9 different project types

Dubai-Ready
Originally from Chennai, actively targeting Dubai UAE market. Graduating April 2026, available immediately. Freelance IT background, familiar with enterprise environments.
→ Freelance IT exp. across India

Raseen Naveeth — Download Resume

ATS-optimized · 3 role-specific variants · UAE & India formats

IT Support Resume · Cybersecurity / SOC Resume · Software Engineer Resume
01 / Skills

Threat Detection & SIEM
Splunk Enterprise · Sysmon v15
MITRE ATT&CK · Kerberoasting
Brute-force · Lateral Movement

Honeypot & Deception
AD Honeypot · Honeyusers
Decoy SPNs · BloodHound
Impacket · Attacker Trapping

Hardware Hacking
Digispark ATtiny85 · USB HID
PowerShell Payloads · VBS
System Recon · Exfiltration

Digital Forensics
Btrfs Filesystem · Inode Analysis
File Recovery · Metadata Parsing
Low-level Filesystem Forensics

Network & Wireless
Packet Morphing · IDS Evasion
Wi-Fi Deauth · Nmap · Scapy
Traffic Obfuscation · Kali Linux

Development
Python · PowerShell · SPL
JavaScript · HTML/CSS · Java
Bash · Automation Scripts

02 / Projects

Deception System · 02

Fake AD Honeypot

Core deception framework with crafted honeyusers as attacker traps. Full behavior logging pipeline using BloodHound + Impacket simulation.

  • Convincing honeyuser account design
  • Attacker engagement trap logic
  • Full behavior logging pipeline
  • BloodHound + Impacket simulation
Active Directory · BloodHound · Impacket · Windows

Hardware Hacking · 03

IonDrive

USB HID attack tool — Rubber Ducky alternative using Digispark ATtiny85. Executes PowerShell payloads on insertion for recon, scanning, encryption, and exfiltration.

  • ScanNetwork.ps1 — network mapping
  • ScanFolder.ps1 — file enumeration
  • EncryptFolder.ps1 — ransomware sim
  • SendReport.ps1 — email exfil
Digispark ATtiny85 · PowerShell · VBS · USB HID

Digital Forensics · 04

Btrfs File Recovery

Low-level recovery tool for deleted Btrfs filesystem structures. Manually parses metadata trees and inode structures — a rare and advanced forensics capability.

  • Btrfs metadata tree parsing
  • Inode structure analysis
  • Manual deleted file reconstruction
  • Tree dump data recovery
Btrfs · Linux · Filesystem Forensics · Python

Red Team · 05

Phishing Emulator

Social engineering simulation with realistic fake login pages for red team demos and security awareness training.

  • Fake login page cloning
  • Credential capture simulation
  • Security awareness training tool
  • Red team demo ready
HTML/CSS · PHP · Social Engineering · Red Team

IDS Evasion · 06

Packet Morphing

Advanced IDS evasion via packet modification — signature bypass and traffic obfuscation research. Conference paper potential.

  • Signature-based IDS bypass
  • Traffic obfuscation techniques
  • Packet pattern manipulation
  • Detection evasion research
Python · Scapy · Wireshark · IDS Evasion

AI + Security · 07

DeepFake Bypass vs Detection

AI-security intersection: deepfake detection and bypass technique comparison. Future-ready research at the AI + cybersecurity frontier.

  • Deepfake media detection models
  • Bypass technique research
  • Detection accuracy comparison
  • AI + cybersecurity fusion
Python · AI/ML · OpenCV · Deep Learning

SOC Dashboard · 08

ShadowWatch

Interactive SOC analyst dashboard — real-time alert triage, attack timeline, log visualization. Demonstrates full SOC workflow understanding.

  • Real-time alert visualization
  • Attack timeline display
  • Log analysis interface
  • SOC workflow simulation
HTML/CSS/JS · Data Viz · Chart.js · SOC Design

Wireless Attack · 09

Wi-Fi Deauth Tool

Java GUI-based wireless deauthentication tool for Kali Linux. Simulates 802.11 deauth attacks for wireless security research and testing.

  • Java Swing GUI interface
  • Kali Linux compatible
  • Deauth attack simulation
  • Wireless security testing
Java · Kali Linux · Wi-Fi 802.11 · Wireless

03 / Evidence

Real data from ShadowNet experiments — not mock data. These charts are generated from actual attack simulation results.

Attack Detection Latency
Detection Latency (seconds) — lower is better

  • Port Scan: 1.8s
  • Kerberoast: 2.1s
  • Brute Force: 2.4s
  • Lateral Move: 3.0s

All 4 attack phases detected under 3 seconds. Avg: 2.4s. Port scan fastest at 1.8s. Zero missed detections.

Alert Count by Account
Alerts Triggered by Account

  • admin_test: 18
  • john.ad: 15
  • svc_backup: 22
  • guest: 9
  • it_support: 6

Honeypot accounts svc_backup (22) and admin_test (18) drew most attacks — working as designed. Real users stayed quiet.

[*] ShadowNet Correlation Engine — Live Feed
10:00:14 | Sysmon EID 3 — Port scan detected
10:00:16 | ALERT: Port Scanning — 192.168.10.25 [1.8s]
10:03:42 | Sysmon EID 4769 — TGS-REQ RC4 ticket
10:03:44 | ALERT: Kerberoasting — svc_backup [2.1s]
10:08:11 | EID 4625 spike — 50 failed logons/min
10:08:14 | CRITICAL: Brute Force — admin_backup RDP [2.4s]
10:08:14 | False positives: 0 | Accuracy: 100%
shadownet@splunk:~$
Live Splunk Correlation Output
Real alert timeline from kill-chain simulation. Each attack phase triggers within seconds. Zero false positives across all runs.

Failure Severity Distribution

  • High: 64.4%
  • Medium: 22.2%
  • Low: 13.3%

64.4% of detected failures classified as high severity. ShadowNet prioritises critical attack patterns. Published IEEE ICSSS 2025.

Conference: IEEE ICSSS 2025 · Dec 12–13, 2025 · Chennai, India
Published: IEEE Xplore · Added: 23 January 2026
DOI: 10.1109/ICSSS66939.2025.11346444
Publisher: IEEE
Paper ID: ICSSS25CYB052
"ShadowNet: A Deceptive Active Directory Honeypot for Detecting Targeted Intrusions using Splunk"
Electronic ISBN: 979-8-3315-6323-3 · Print ISBN: 979-8-3315-6324-0

04 / Writeups

Active Directory · Deception
How I Built a Full Active Directory Honeypot from Scratch
Setting up a realistic Windows Server 2022 DC with decoy users, fake SPNs, and bait documents — then watching attackers walk right into the trap...
2025 · 8 min read

Splunk · Kerberoasting · Detection
Detecting Kerberoasting in Real-Time with Splunk SPL
Event ID 4769 with RC4 encryption flag is the tell. Here's the exact Splunk correlation search that fired in 2.1 seconds during my ShadowNet tests...
2025 · 6 min read

Hardware · USB HID · PowerShell
Building a USB Attack Tool with Digispark ATtiny85
A $2 microcontroller that acts as a keyboard the moment you plug it in. Here's how IonDrive works, what PowerShell payloads it runs, and how to defend against it...
2025 · 5 min read

05 / Experience

2024 — 2026
Final Year Project — ShadowNet
Sathyabama Institute of Science and Technology · Chennai
Designed and built full AD honeypot + Splunk SIEM pipeline. Kill-chain simulation: Nmap, Impacket, Hydra. Published at IEEE ICSSS 2025.

2025
IEEE Research Publication
ICSSS 2025 · Paper ID: ICSSS25CYB052
"ShadowNet: A Deceptive Active Directory Honeypot for Detecting Targeted Intrusions using Splunk" — peer-reviewed and accepted.

2022 — Present
Freelance IT Support Engineer
Chennai & India (Remote)
Hardware diagnostics, OS install, network config, AD user management, on-site + remote support. Multiple clients across India. Seeking full-time roles in Dubai, UAE.

2022 — 2026
B.E — CSE (Cybersecurity)
Sathyabama Institute of Science and Technology · Chennai
Graduating April 2026. Core: Network Security, Ethical Hacking, SIEM, Cryptography, Digital Forensics, Incident Response.

05.5 / Certs & Community

Certifications

Pre Security Certificate
TryHackMe · Issued Jun 2025
ID: THM-6NEC4ZCSEL

Introduction to Cyber Security
TryHackMe · Issued Jun 2025
ID: THM-BWUDLDLX7Y

Introduction to Cybersecurity
NPTEL · IIT Certification
Government of India · SWAYAM

System and Usable Security
NPTEL · IIT Certification
Government of India · SWAYAM

Community & Achievements

2023 — 2026
Technical Member — OWASP Student Chapter
Sathyabama Institute of Science and Technology · Chennai
Active technical member for 3 years. Organised and conducted CTF (Capture The Flag) competitions, security workshops, and awareness sessions for the college community.
CTF Organiser · Security Workshops · OWASP Top 10

2024
Smart India Hackathon — Finalist
IIT Jammu · National Level
Reached national finals of India's largest hackathon, competing at IIT Jammu against teams from across the country.

Let's Work Together

Open to SOC Analyst, Cybersecurity Engineer, and IT Support roles — UAE and India. Graduating April 2026, available immediately.

06 / SOC Analyst Simulator

Alerts are flooding in. You're the analyst. Triage each one — Escalate, Investigate, or Dismiss — before the clock runs out. Wrong calls cost you. Missed alerts cost you more.

ShadowWatch SOC — Alert Triage Console
INCIDENT WAVE INCOMING
You are the Tier-1 SOC Analyst. A wave of alerts just hit the SIEM. Triage them correctly before time expires — or the attacker wins.

ESCALATE = real attack · INVESTIGATE = needs more info · DISMISS = false positive