computing insecurities

whoami

3 min read

Below is a list of things I’m working on or have worked on (and the places where I did it)!

Now

RL environments, LLM evals, Building an agent product for fintech startup.

X dot com is where you’ll find the most recent updates of what I’m upto in life.

Composio: https://github.com/composiohq/composio

  • Last product I worked on was Rube.
  • Worked on the platform, API and documentation. Rebuilt and re-wrote the entire documentation (twice) while I was there :P
  • Initially I started with trying to improve tools and tool quality for LLMs. Ran evals (BFCL etc) and optimised the automated pipeline to write better tool schemas.

Lossfunk / LogQL Paper

  • Wrote a paper with Vishwanath on fine-tuning LLMs for observability and log query languages.
  • Spoke about it at HasGeek RootConf 2024. Talk here
  • Also did this while I was brushing up on math during Lossfunk — an AI residency out in Bangalore.

Julephttps://github.com/julep-ai/julep

  • Worked on the repo. I once screwed up the git history while cleaning it lol. Actually contributing to a work-in-progress but well-designed architecture was eye-opening.
  • Ran evals on fine-tuned models, Made a dataset, that reached HN front page and helped clean some other datasets. First time getting my hands dirty with local llms, fine-tuning, inference, quantization, etc.
  • got much better at talking to ppl/customers and understanding what to build. social battery +10%!

Nous (Archived): https://github.com/noushq/

  • Built a bookmark search engine in 6 weeks. Got to ~300 ppl in a waitlist, 100 installs, and paying customers! Saw this as an absolute win.
  • Tried (& failed) to hit ramen profitability. I’ve written more about this part of my life on a Substack

IMDEA Research Institute

  • Worked on a research hypothesis trying to test the security of third party domains and the public suffix list which describes the effective top-level domains. Went down the rabbit hole of so many papers, blogs and even old mozilla bug threads!
  • Made an actual, usable ML pipeline for the first time! Did everything from scraping arbitrary domains from the internet concurrently, establishing the ground-truth, and then classifying it.

CloudSEK

  • Really fun security engineering internship where I ran phishing campaigns by chaining two vulnerabilities and gave an internal talk about it.
  • Made a service that used heuristics to identify the services used by websites. Made another service to scan for vulnerable Log4j servers. First time where I was thrown in front of a client and demoed a product (they converted too!)
  • Learnt so much about working in a cohesive team. Could just walk over to ppl and pick up projects for them. Discovered how to be high agency in a startup.

Miscellaneous stuff

  • Replicated a vulnerability in Microsoft’s N-RPC with a CVSS of 10. Write Up
  • Made an IMSI sniffer and saw all the repeating TMSI numbers around me. imsi-catcher! Also gave my first talk in front of people about software defined radio and hacking radio devices that semester. Video
  • Gave a talk about container runtimes and their internals at a systems and security meetup. Video

Backlinks