About Me
Hi, I'm Arjun! A recent graduate from Northeastern University with a B.S. in Cybersecurity.
I love all things cyber and tech: homelabbing, tinkering with old devices, malware development, investigating logs and blue-teaming, and simulated DFIR exercises. I keep up with current threats by listening to the CyberWire Daily and following my RSS feed.
My hobbies outside of tech include combat sports, cooking, playing the drums, watching sports (go Giants, Islanders, Knicks, and Yankees), and gaming.
About This Page
I wanted to make a personal site as a way to show off my personality, keep everything I like keeping track of in one place, and present myself to employers in a way that feels uniquely mine. I wanted to make the website look like an old Windows XP Notepad for 2 reasons.
1. I love old tech, hardware and software that was built just to be used, not to track you or harvest your data. The Notepad aesthetic felt like a natural way to reflect that.
2. I use the notepad app on my laptop ALL. THE. TIME. I'm actually even using it right now to write the first draft of this page.
Computer Systems Security Teaching Assistant - Northeastern University | Jan - May 2026
- Teaching Assistant for the masters course, Computer System Security (CY5130), taught by Professor Jose Sierra.
- Graded assignments and created rubrics for assignments on: Buffer overflow attacks, Kerberos enterprise authentication, SELinux, Role Based Access Control using k8s, and OSquery.
Co-Founder and Treasurer - NU Security Club | Jan 2025 - May 2026
- Relaunched the NU Security Club (NUSEC) to create a space for students passionate about cybersecurity to learn, network, and grow
- Organized guest speaker events: coordinating experts from Google, MITRE, State Street and more to provide career insights and technical advice
- Organized bimonthly general meetings educating and connecting Northeastern Students who are interested in Cybersecurity
- Managed club finances, budgeting, and fundraising while ensuring compliance with Northeastern’s financial guidelines.
Information Security Co-op - Alnylam Pharmaceuticals | Jul - Dec 2025
- Monitored and triaged the Mimecast Email Gateway, distinguishing legitimate communications from phishing, malware, and policy violations, reducing exposure to malicious emails reaching employee inboxes.
- Automated Active Directory metrics collection with PowerShell scripts, replacing manual processes and supporting IAM hygiene efforts.
- Helped in updating and standardizing incident response documentation for reporting, blocking, and remediating malicious senders and phrases in emails, improving response consistency and reducing turnaround time for email threats.
- Led Duo trust monitoring efforts by correlating Duo authentication logs with Rapid7 SIEM and SentinelOne EDR telemetry to investigate anomalous login activity, strengthening detection of compromised or suspicious accounts.
- Monitored and responded to data movement and access activity across Box, Microsoft 365, and SentinelOne USB reports to prevent potential intellectual property loss.
- Co-led Cybersecurity Awareness Month initiatives by designing interactive games and engagement activities, increasing employee participation and awareness of security best practices.
- Actively managed the KnowBe4 PhishER queue by investigating reported emails, responding to incidents, and removing confirmed phishing messages from user inboxes, helping limit lateral spread of email-based threats.
- Created a comprehensive documentation repository for incoming co-ops detailing security tools, workflows, and best practices, significantly reducing the manual time spent by managers and teammates on onboarding and knowledge transfer.
IT Infrastructure and Applications Co-op - Northland Investments Corp. | Jul - Dec 2024, May - Jun 2025
- Managed user access controls, onboarding/offboarding processes, and resolved helpdesk tickets related to system permissions and any other issues in the IT applications.
- Supported the migration of vendor PCs to Microsoft Intune, automated IT invoice processing, and optimized data workflows.
- Designed, developed, and validated Power BI dashboards, leveraging data insights to support business decisions.
- Queried large datasets and created custom SQL tables for budgeting, bonus calculations, and data analysis.
- Developed Excel-based automation tools to streamline recurring monthly tasks and improve efficiency.
- Returned to Northland in the summer of 2025 continuing the same work.
Fundamentals of Computer Science I Teaching Assistant - Northeastern University | Sep - Dec 2023
- Served as a student TA for an introductory CS course the semester after completing it myself
- Hosted weekly office hours and led a weekly lab recapping that week's material
- Graded assignments and provided feedback to students
- Developed technical communication skills by breaking down concepts for students at all skill levels
Crew Member - Chipotle Mexican Grill | Aug 2021 - Aug 2022
- Worked part-time in a high-volume fast food environment during high school
- Built interpersonal and communication skills through constant customer-facing interactions
- Developed composure under pressure during high-volume lunch and dinner rushes
- My first experience working against the clock as part of a team
Simple Bear: Linux Rootkit with Reflective Loading, Kernel Hooks & Covert C2 Comms | Apr 2026
Built a full-chain Linux 6.6 implant with two classmates for a kernel security course at Northeastern.
Simple Bear starts with an initial shellcode delivered to a vulnerable service (provided by our professor), then escalates privileges by walking the kernel's task_struct linked list and zeroing credential fields via a vulnerable read/write driver - all loaded reflectively into memory without ever touching disk as a named file. After privileged escalation is achieved, we load our rootkit.
The rootkit itself spawns a reverse shell back to our C2 and uses various hooks to hide processes, directories, and the module itself. A covert C2 channel issues commands through the kill syscall, and a DECLARE_DELAYED_WORK resurrection mechanism respawns our reverse shell if it dies - automatically tearing itself down after 4 failed attempts.
This was one of the most fun school projects I had a pleasure to work on and definitely the one I learned the most while doing!
View the poster here!Capstone Penetration Test of the National Internet Observatory | Feb - Apr 2026
Conducted a full penetration test of the National Internet Observatory (an NSF-funded academic research platform) with four classmates as part of our senior capstone at Northeastern. Operated under a formal Rules of Engagement, communicated findings directly to NIO staff, and delivered a professional assessment report with CVSS-scored findings and remediation recommendations. Assessed both public-facing infrastructure (web domains, mobile apps, browser extension) and researcher-facing internal systems (VPN/VDI enclave, LDAP, MinIO S3, RDP) - targeting information disclosure, privilege escalation, and lateral movement across both surfaces.
A redacted version of our final report is available to recruiters upon request. Huge thank you to the NIO team for letting us do this as our capstone project!
My Current Hobbies Outside of Tech Include:
- Jiu Jitsu and Muay Thai
- Cooking
- Playing the drums
- Watching sports (go Giants, Islanders, Knicks, and Yankees)
- Chess (even though I'm terrible at it)
- Tennis
- Gaming
- Collecting vinyl records and CDs
- And more! I'm always looking to try new things and pick up new hobbies, so this list is always changing.
Arjun Uppal - Notepad