Skip to content
View KarthikeyaThotak's full-sized avatar

Block or report KarthikeyaThotak

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
KarthikeyaThotak/README.md
Typing SVG

Cybersecurity Engineer in the making · Pentester · Builder

"I hack things legally, build things chaotically, and explain cybersecurity
like we're just two friends messing with a home lab at 2 AM."

LinkedIn YouTube Portfolio Email

Profile views

whoami

$ whoami
karthikeya@blue-team:~$ id
uid=1337(karthikeya) gid=1337(security) groups=1337(security),100(builders),200(students)

> Cybersecurity (BS to MS) at Eastern Michigan University · GPA 3.82 · Dean's List
> Incoming Information Security Engineer Intern @ Rocket Mortgage · Summer 2026
> Penetration Tester (Contract) @ General Motors · Feb–May 2026
> VP, Google Developer Student Club @ EMU · 8x hackathon winner

I spend my time between three places: a Proxmox home lab running pfSense, Wazuh, Splunk, and an AD forest I'm constantly breaking and re-hardening; a terminal full of Burp Suite tabs for bug bounty and CTF work; and a YouTube studio where I try to make all of that make sense to people just starting out.


Currently

  • 🔬 Building Aghora — a privacy-first local malware analysis platform with AI triage, Ghidra decompilation, and an interactive threat graph
  • 🛡️ Detection engineering on my SOC lab — writing Wazuh rules and Splunk searches mapped to MITRE ATT&CK
  • 🎯 Prepping for OSCP and HTB CPTS · sharpening AD attack paths with BloodHound and Impacket
  • 🎥 Recording walkthroughs of home lab builds, CTF challenges, and pentest methodology on YouTube
  • 📬 Open to offensive security, detection engineering, and AI security conversations

Tech Arsenal

🎯 Offensive Security

Burp Suite Metasploit BloodHound Impacket Nmap Nessus OWASP ZAP sqlmap Ghidra

🔵 Defense & SIEM

Splunk Wazuh Elastic Atomic Red Team pfSense WireGuard

☁️ Cloud & Infrastructure

AWS Proxmox Docker Jenkins Linux Kali Windows Server

💻 Languages & Frameworks

Python Bash PowerShell C++ TypeScript React FastAPI

📐 Frameworks I work in

MITRE ATT&CK NIST CSF OWASP CIS Zero Trust


Featured Work

🔬 Aghora

Privacy-first local malware analysis with AI triage

A full-stack analysis platform that never sends a sample off your box. Static PE parsing, entropy and DIE packer detection, headless Ghidra decompilation, local LLM triage via Gemma + Ollama, and an interactive 6-cluster threat graph for IOC pivoting.

TypeScript React Python FastAPI Ollama Ghidra SQLite

🏠 Cybersecurity Home Lab

Enterprise SOC and malware analysis environment

Proxmox-hosted lab with an Active Directory forest, Windows/Linux endpoints, FlareVM for malware work, and pfSense segmentation. Wazuh + Splunk + ELK for detection engineering, Python alerting automation, Authentik SSO, and WireGuard on a Raspberry Pi as the entry point.

Proxmox pfSense Wazuh Splunk ELK Authentik FlareVM


📺 YouTube — @karthikeyathotak

I run a cybersecurity channel where I walk through home lab builds, CTF challenges, and the kind of "okay but why does this work" explanations I wish existed when I was starting out.

YouTube Channel

"Subscribe before your firewall gets jealous."


🏆 Highlights

  • 🥇 1st Place CTF — GrizzHacks 8 (3,300 points · Best Use of Gemini API)
  • 🇺🇸 9th Place Nationally — IEEE National Coding Competition 2024
  • 🏅 8x Hackathon Winner
  • 🎤 Speaker — ISC² Detroit Chapter (April 28, 2026)
  • 👥 Vice President — Google Developer Student Club, EMU (co-founded EMU's first official chapter)
  • 📈 30% reduction in TA support tickets via troubleshooting guides I wrote, now used across EMU's cybersecurity program

📜 Certifications

CompTIA Linux+ PJPT GFACT Cisco


📊 GitHub Stats

GitHub streak Trophies

Let's build something — or break something — together.

LinkedIn · Portfolio · YouTube · Email

📍 Northville, MI · open to offensive security, detection engineering, and AI security roles

Popular repositories Loading

  1. NQ-futures-bookmap-bot NQ-futures-bookmap-bot Public

    Python 2

  2. Password-Generator Password-Generator Public

    Python

  3. BugBounty-CheckList BugBounty-CheckList Public

    Python

  4. Python-Farmington-assistant Python-Farmington-assistant Public

    Python

  5. learn-python3 learn-python3 Public

    Forked from jerry-git/learn-python3

    Jupyter notebooks for teaching/learning Python 3

    Python

  6. Dark-Blue Dark-Blue Public

    Forked from DarkBlueCTT/Dark-Blue

    Dark Blue is a set of tools designed to help teams better prepare for CyberPatriot competition rounds by trying to make it easy to create custom practice images.

    JavaScript