Skip to content
View Megh089's full-sized avatar

Block or report Megh089

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Megh089/README.md

Hi, I'm Megh 👋

Computer Security student at York University (BSc, 2024–2029) building security tooling for drones and autonomous systems — GPS integrity, RF threat detection, and protocol auditing. Mostly Python, mostly Linux, always tested against something real.

I care more about whether a result survives a hard test than whether it looks good in a README. On my main project, it didn't, and that's the part I'd want you to read first.


Detects GPS spoofing on UAVs using nothing but the telemetry the autopilot already logs. No SDR, no extra hardware.

  • 3/3 spoofing attacks detected, 0 false alarms across 6 flights, 4 airframes, and 2 firmware generations — including a live HackRF attack that drifts the aircraft by under a metre.
  • The part I'd rather you read: my first attempt was a supervised Random Forest that scored 68% on a single train/test split. Good enough to ship. Instead I ran leave-one-flight-out cross-validation and accuracy collapsed to 17% — the model had memorised one airframe's thresholds and couldn't transfer. So I discarded it.
  • The rebuild was simpler than the thing it replaced: don't compare an aircraft to a library of other aircraft — watch each flight deviate from its own baseline. That version works, runs online with an adaptive baseline, and needs no per-flight tuning.
  • The 17% is documented in the repo, next to the result that worked.

Why it matters: the interesting skill here isn't the model. It's running the evaluation that could embarrass you, and then acting on it.

Python · scikit-learn · PX4 ULOG · pymavlink


Passive RF monitoring that detects and classifies drone controller signals using a software-defined radio.

  • Classifies signals across 3 communication protocols (SiK, Crossfire, ExpressLRS) by extracting frequency-domain features from raw IQ samples.
  • Fully passive — receive and analyse only, no transmission. Deliberately built on the defensive side of the line (Radiocommunication Act, Canada).
  • Validated on synthetic 433/915 MHz signals, and the README says so plainly rather than implying real captures.

Why it matters: knowing where your own validation stops being evidence.

Python · RTL-SDR · GNU Radio · scikit-learn


Command-line security auditing for MAVLink-based drones running ArduPilot and PX4.

  • Packet fuzzing, firmware reconnaissance, CVE correlation, encryption validation, and geofence integrity checks.
  • Tested against live attack simulations in ArduPilot and PX4 SITL — not just against my own assumptions.
  • Auto-generates structured JSON and PDF reports, replacing a manual write-up pass.

Python · Scapy · PyMAVLink · Wireshark · SITL


YOLOv8 model detecting and classifying 26 plant diseases from drone video, exported to ONNX for edge deployment with CSV logging.

Python · YOLOv8 · OpenCV · ONNX


💼 Experience

Freelance Web Designer · Self-employed, remote · Jan 2023 – Present Building and maintaining client websites end to end — HTML, modern CSS, JavaScript, responsive layouts — with input validation and secure form handling aligned to OWASP Top 10. Three years of running scope, deadlines, and clients with no management layer.

Front Desk Assistant · First Choice Medical Center · Sep 2022 – Feb 2023 Scheduling and records in a regulated healthcare setting, under privacy and records-handling protocols.


🛠️ Tech Stack

Languages: Python · Bash · C · JavaScript · SQL Security: Wireshark · Scapy · Binwalk · packet fuzzing · CVE research · OWASP Top 10 · vulnerability assessment RF & Robotics: RTL-SDR · GNU Radio · ArduPilot SITL · PX4 SITL · IQ sample processing · MAVLink ML & Data: scikit-learn · YOLOv8 · OpenCV · ONNX · matplotlib Platforms: Linux (Mint) · Windows · Git

In progress: CompTIA Security+ (SY0-701) · Amateur Radio Operator Certificate (Basic) — ISED Canada


🎯 What I'm looking for

Internships and junior roles in:

  • Security engineering — appsec, detection, or vulnerability research
  • Embedded, RF, or UAV systems — anywhere signal integrity actually matters
  • Data-heavy tooling where someone has to care whether the numbers are honest

If you're building something where the failure modes are interesting, I'd like to hear about it.

📫 meghjos06@gmail.com · LinkedIn · Brampton, ON

Popular repositories Loading

  1. drone-ag-inspector drone-ag-inspector Public

    YOLOv8 computer vision model that detects 26 plant diseases from video footage — built for agricultural drone inspection.

    Python

  2. drone-audit-framework drone-audit-framework Public

    Automated security auditing tool for MAVLink-based drones (ArduPilot/PX4) — packet fuzzing, firmware/CVE recon, encryption & geofence checks, and a live geofence breach test against SITL.

    Python

  3. rtl-drone-rf rtl-drone-rf Public

    RTL-SDR based drone RF threat detection system — captures and classifies RF signals using machine learning, matches them against known drone communication profiles (SiK, Crossfire, ExpressLRS), and…

    Python

  4. gps-spoof-detection gps-spoof-detection Public

    Detecting GPS spoofing on UAVs from flight telemetry — no SDR required.

    Python

  5. Megh089 Megh089 Public

    Config files for my GitHub profile.