2025
April
Creating a file management system with document sharing features.
- Implementing custom cryptographic solutions to ensure security at every step of the way.
- Aim of the project is to get better at applying cryptography primitives, thus avoiding use of existing solutions.
Blog post about the most important points of threat modeling.
March
- Finished “AWS Threat Modeling for Builders” Workshop
2024
November
- Transparency Log Verifier: Developed a Python-based Sigstore Rekor monitor to verify log consistency, with CI/CD, testing, SBOM generation, attestations, and supply chain security best practices.
- VIVID CTF Finals – Ranked 6th among 15 teams in the in-person final competition
October
- ISC2 CC Certification
- Very easy cert to pass by spending 1-2 days revising topics if you have a basic cybersecurity background.
- (https://www.linkedin.com/posts/mayank-ramnani_im-happy-to-share-that-ive-obtained-a-new-activity-7254186395479552000-o-0r)
June
- Involved with OpenSSF Compiler Hardening Working Group
- Led effort to make the OpenSSF document machine readable, and auto generate machine readable output from it using a python script
- GitHub Issue
- Continued Course Assistant role at NYU Tandon Cybersecurity
May
- Created this website, using Hugo + PaperMod
- Finished creation of webpresence - a service to track your presence on the internet
- April 2024 - May 2024
- Built using AWS services - Amplify, API Gateway, Lambda, DynamoDB, Cognito
- Get aggregated information from various APIs on the internet using your email, and get alerts when that information changes.
- Breached passwords, any PII
- Video Demo: Youtube
- Penetration Testing and Report for NBN Corporation
- Project undertaken as part of Vulnerability Analysis and Penetration Testing course by Prof Mantej Rajpal
- Project Report on GitHub
- Continued Course Assistant role at NYU Tandon Cybersecurity
April
- Started Course Assistant position under Professor Cappos in NYU Tandon School of Engineering Cybersecurity Department
- Main responsibility includes developing content for the Software Supply Chain Security course to be offered for the first time to NYU Cybersecurity Graduate students
- Gave a demo for my tool Temper in front of OpenSSF Compiler Hardening Working Group
- Temper is a tool to harden your compiler environment by analysing and recommending compiler flags based on OpenSSF guidelines
- Developed Semantic Image Search using AWS services
- Video Demo: Youtube
March
- Created a To-Do Cloud Application using Flask, MongoDB, Docker and Kubernetes
- Repository: Github
- Pariticipated in my first in-person 24 hour CTF competition at New Jersey Institute of Technology.
- Won the best in-person team. (Some teams from across the world competed remotely that were better than us)
- Post: LinkedIn
- Won the AWS Security Jam competition hosted at NYU BY the AWS Security Team.
- Post: LinkedIn
- Secured entry in the final round of NCAE VIVID CTF. The Virtual Internship and Varied Innovative Demonstrations (VIVID) Coalition comprised of the University of Alabama in Huntsville, Augusta University, University of Arizona, and Florida International University.
- 3 days of competition, 6 hours each day for Red Team challenges, Blue Team challenges, and Jeopardy style challenges.
- Post: LinkedIn
February
- Developed Dining Concierge Bot using AWS services
- Restaurant suggestions to the user using AWS services - Lex, Lambda, S3, ElasticSearch, DynamoDB, SQS, SES, APIGateway.
- Video Demo: Youtube
2023
December
- Kubernetes Security Assessment for CNCF: Conducted a security assessment for Volcano, an open source Kubernetes
based system for batch workloads, as part of CNCF TAG Security, earning the Dan Kohn Scholarship.
- PR: https://github.com/cncf/tag-security/pull/1205
- Lightweight threat analysis/enumeration as opposed to threat modeling.
- Threats documented in file: (https://github.com/mayank-nyu/tag-security/blob/741608918bab516082084cf3d7afebe2f29c3557/assessments/projects/volcano/threat-analysis.md)
Previous
- Browser History Analyzer
- Developed a tool in Python using PyQt, sqlite3 to fetch, parse and analyse history data of the browser and display it visually using graphs, leading a team of 4.