Skip to content
View AnonymousSingh-007's full-sized avatar
🤗
Building Cool Stuff
🤗
Building Cool Stuff

Highlights

  • Pro

Block or report AnonymousSingh-007

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
AnonymousSingh-007/README.md

  ╔══════════════════════════════════════════════════════════════════╗
  ║                                                                  ║
  ║   When a model is put under adversarial pressure — jamming,      ║
  ║   evasion, obfuscation, injection — where does it structurally   ║
  ║   break, and can that break be turned into a detector?           ║
  ║                                                                  ║
  ║   Jailbreaks → swarm comms failure → biometric spoofing          ║
  ║   → phishing infra hiding by renaming.                           ║
  ║   Same hunt. Four domains.                                       ║
  ║                                                                  ║
  ╚══════════════════════════════════════════════════════════════════╝

$ ls -la ./research/

System Domain Headline Status Target
🔴 EVELYN Quantum graph ML Name-invariant phishing infra detection via topology fingerprinting IEEE S&P / USENIX
🟡 SWARN MARL robustness +13 pts detection under chase jammer · 1,050-run benchmark IEEE TNNLS
🟢 MIMIC Behavioral biometrics JSD 0.1478 · 100% evasion on all detectors tested IEEE TIFS
ICEM LLM red teaming 🏆 Best Paper + Best Presentation NCTAAI 4.0

$ cat /etc/researcher.conf

class AdversarialResearcher:
    name     = "Samratth Singh"
    base     = "DIAT · DRDO-affiliated · Pune, IN"
    degree   = "B.Tech CS (Cybersecurity)"
    thesis   = "Find the structural failure condition. Weaponize it. Then defend it."

    domains  = [
        "Adversarial AI",       # ICEM — jailbreak taxonomy
        "LLM Red Teaming",      # prompt injection / alignment evasion
        "MARL Robustness",      # SWARN — comms-degraded coordination
        "Behavioral Biometrics", # MIMIC — mouse-dynamics forgery
        "Quantum Graph ML",     # EVELYN — topology-invariant detection
    ]

    shipped  = {
        "Phish_Byte" : "F1 0.948 · 12K params · live on HuggingFace",
        "T.E.M.P.E.S.T": "Windows attack-surface enumerator + ML anomaly scoring",
        "RAV3N-sec"  : "Static vuln scanner · 30+ vuln classes · 100% local",
    }

    proof    = {
        "best_paper" : "NCTAAI 4.0 · 2024",
        "htb_rank"   : "Top 5% Global",
        "ctf"        : "14th National · Ciphathon",
        "ieee_targets": ["TNNLS", "TIFS", "S&P"],
    }

    def reach_me(self):
        return ["research collabs", "red-team engagements", "MS opportunities"]

$ ./deploy --flagship

🔴 EVELYN — Quantum Graph Phishing Infrastructure Detection

They change their names. They can't change their shape.

Phishing campaigns cycle domains faster than any blocklist keeps up — but the infrastructure topology behind them stays constant. EVELYN runs a continuous-time quantum walk over a phishing-infrastructure hypergraph and extracts a topology fingerprint that is invariant to domain names — detecting a campaign by its shape, not its strings. Zero-shot on topologies never seen in training.

What I built:

  • Reframed detection as a graph-spectral problem instead of string/GNN classification — the reason it generalizes zero-shot
  • Robust to rapid domain rotation by construction, not by retraining
  • Building empirical case for provable advantage over GNNs on infrastructure-shape tasks

Python · Continuous-Time Quantum Walks · NetworkX · DBSCAN · Graph ML


🟡 SWARN — Communication-Robust MARL for Adversarial Swarms

Most MARL assumes perfect comms. Real drone swarms never get that.

A 1,050-run benchmark exposing a structural blind spot: QMIX cannot perceive its own communication state, so under jamming it coordinates confidently on stale information. The fix: a two-process architecture — frozen QMIX explorer feeding a KL-anchored Navigator that stays stable when comms degrade.

┌─────────────────────────────────────────────────┐
│          Under Chase Jammer                      │
│  ┌──────────────────┬──────────────────────────┐ │
│  │  Baseline QMIX   │  SWARN (Nav + QMIX)      │ │
│  │     42.5%         │     55.5%  ▲ +13.0 pts   │ │
│  └──────────────────┴──────────────────────────┘ │
└─────────────────────────────────────────────────┘

What I built:

  • Diagnosed QMIX's blindness to comms state as structural, not a tuning issue
  • Engineered frozen-explorer + KL-anchored Navigator, validated across full S1–S12 config grid
  • 46 passing tests, VRAM guards, checkpoint auto-resume, strict env-parameter uniformity — reproducibility built in

PyTorch · QMIX · MAPPO · MARL · CUDA


🟢 MIMIC — Behavioral Evasion via Synthetic Mouse Dynamics

The model that fooled every bot detector it met.

Hybrid LSTM + DDPM framework synthesizing human-indistinguishable mouse-motion trajectories — an adversarial stress test for behavioral-biometric defenses.

┌───────────────────────────────────────────────────────────────┐
│  Jensen–Shannon Divergence    0.1478    Near-human match      │
│  Bot-detector evasion         100%      Every detector beaten │
│  Custom behavioral dataset    212,568   Hand-collected corpus │
└───────────────────────────────────────────────────────────────┘

What I built:

  • Combined LSTM temporal structure + DDPM stochastic realism — neither alone hits human-level JSD
  • Built 212K-sample behavioral dataset from scratch
  • Reframed as defense research: a generator this good is a benchmark forcing next-gen detectors to be robust

Python · PyTorch · DDPM · LSTM · Adversarial ML


$ ls ./deployed/

9,000× smaller than DistilBERT. F1 0.948.

From-scratch MLP on 29 hand-engineered features. Cascading inference: rule scorers in ~1ms, MLP in ~3ms. Per-feature attribution on every verdict.

12,545 params · 1,527 emails/s · ~50 KB

Try it

Windows Attack-Surface Enumerator

Read-only PowerShell recon — services, ports, autostart vectors, firewall rules, scheduled tasks, browser extensions. Optional Isolation Forest anomaly scoring. HTML dashboard.

PowerShell · Python · Red Team

Static Vulnerability Scanner

AST + Regex hybrid catching 30+ vuln classes in Python. Severity-graded, rich CLI. 100% local — no API calls, no cloud, no telemetry.

Python · AST · AppSec


$ cat arsenal.yml

Core  



ML / Research   PyTorch scikit-learn NumPy Pandas HuggingFace CUDA

Offensive Security   Burp Metasploit Nmap Wireshark ZAP Scapy


$ git log --stat




$ git log --oneline --all

2024 ─┬─ Aug   git init — GitHub account created
      ├─ Oct   SPH1NX · P.R.I.S.M · Phish_Byte shipped
      └─ Dec   🏆 Best Paper + Best Presentation @ NCTAAI 4.0

2025 ─┬─ Jan   T.E.M.P.E.S.T v1 — PowerShell + ML anomaly scoring
      ├─ Feb   S.I.F.E.R · Sparakthon
      ├─ Mar   Research Intern @ ICAR
      ├─ May   Research Intern @ DIAT · DRDO-affiliated  ← current
      └─ Jun   SWARN Phase A — 1,050-run benchmark complete

2026 ─┬─ Jan   SWARN Phase D — Navigator+QMIX — +13 pts under jammer
      ├─ Feb   EVELYN initiated — quantum graph phishing detection
      ├─ Mar   MIMIC complete — JSD 0.1478 · 100% evasion
      ├─ Jun   SWARN → IEEE TNNLS · EVELYN Stage 2 · Phish_Byte live on 🤗
      └─  ??   Next structural failure condition...

🤝 Let's build something adversarial

┌──────────────────────────────────────────────────────────────────┐
│                                                                    │
│   Open to research collaborations, red-team engagements,           │
│   CTF teams, and MS/PhD opportunities in adversarial AI.           │
│                                                                    │
│   If you work where AI meets offensive security — let's talk.      │
│                                                                    │
└──────────────────────────────────────────────────────────────────┘

LinkedIn Portfolio HuggingFace


// status: hunting structural failure conditions · last seen: DIAT, Pune

Pinned Loading

  1. AnonymousSingh-007 AnonymousSingh-007 Public

    Config files for my GitHub profile.

  2. EVELYN EVELYN Public

    Email Verification & Exploit Localization Yield Network — Quantum Graph Phishing Infrastructure Detection [[RESEARCH PROJECT]]

    Python

  3. T.E.M.P.E.S.T T.E.M.P.E.S.T Public

    Threat-surface Enumeration: Modules, Ports, Extensions, Schedules & Tasks ALL IN POWERSHELL

    PowerShell

  4. RAV3N-sec RAV3N-sec Public

    AI + Regex Vulnerability Scanner for Python/JS. Local, pip-installable

    HTML 1

  5. Phish_Byte Phish_Byte Public

    Phish_Byte is a Python-based email analysis tool designed to detect phishing and spoofing attempts. It examines email headers for domain consistency, analyzes embedded URLs for security and anchor …

    Python 1

  6. MARL-Research MARL-Research Public

    Two-process MARL for jamming-resilient drone swarms: frozen QMIX explorer + KL-anchored Navigator. +13pts detection under reactive jammer. DIAT/DRDO research.

    Python 1