Cybersecurity researcher. I work on the security and privacy of LLM and agentic AI systems, with a background in OSINT and digital forensics. MS in Cybersecurity (SZABIST, 2026). I build security tooling, evaluate it, and release the work as open code.
ORCID 0009-0007-2787-943X · LinkedIn · alibhutto101112@gmail.com
- Alphasearch: open-source data-acquisition pipelines.
- OWS: multi-agent system deployment.
- Complai: multi-framework compliance platform.
Detailed CV: thunderstornX.github.io
Changes I wrote and had merged into established security and OSINT tools, each reviewed by the project maintainers.
| Project | Contribution | PR |
|---|---|---|
| blacklanternsecurity/bbot | SPF IP and CIDR extraction in the DNS target engine | #3144 |
| intelowlproject/IntelOwl | RDAP analyzer for domain and IP enrichment | #3760 |
| MISP/misp-modules | RDAP expansion module | #785 |
| TheHive-Project/Cortex-Analyzers | OpenCVE analyzer | #1458 |
| soxoj/maigret | Neo4j graph export for OSINT results | #2774 |
Self-directed projects, released as open source and archived on Zenodo. Independent work, not peer-reviewed.
| Project | Description | DOI |
|---|---|---|
| llm-red-team-toolkit | Adversarial probe harness for LLM deployments, mapped to the OWASP Top 10 for LLM Applications | 10.5281/zenodo.20480444 |
| ai-governance-checker | Pre-deployment governance audit for LLM system prompts (OWASP LLM Top 10, NIST AI RMF, EU AI Act) | 10.5281/zenodo.20480458 |
| lattice | Accountability layer for multi-agent AI using content-addressed, signed claim graphs | 10.5281/zenodo.20341934 |
| agentic-osint-agent | Autonomous agent for evidence-grounded open-source investigation | 10.5281/zenodo.20480446 |
| rag-threat-intel | Retrieval-augmented pipeline for threat-intelligence question answering | 10.5281/zenodo.20480465 |
| forenix-oss | OSINT-to-evidence platform with a cryptographic chain of custody | 10.5281/zenodo.20329059 |
More public, Zenodo-archived projects are on my repositories page.
A study on the reliability of automated scoring in LLM red-team evaluation, in preparation for a peer-reviewed venue.
Master's-level work, self-archived on Zenodo. Not peer-reviewed.
- OSINT in Action: a comparative study of OSINT tools for social-media and network intelligence. 10.5281/zenodo.16921792
- Navigating the Legal Labyrinth: a framework for ethical and compliant OSINT operations. 10.5281/zenodo.16924934
- A Comprehensive Review of Meshtastic and Similar Networks. 10.5281/zenodo.16925037
Languages: Python, TypeScript, Bash, C, SQL. Infrastructure: Docker, Linux, PostgreSQL, FastAPI, pytest, Git. LLM and agentic: Claude, OpenAI, LangChain, LangGraph, CrewAI, RAG, Model Context Protocol, and self-hosted open-weight models (Llama, GLM) via Ollama and NVIDIA NIM. Security and OSINT: Burp Suite, Metasploit, Nmap, Nessus, Wireshark, Belkasoft; subfinder, httpx, nuclei, amass, maigret, Spiderfoot, Maltego. Standards: MITRE ATT&CK, STRIDE, OWASP Top 10 and LLM Top 10, NIST CSF, NIST AI RMF, ISO/IEC 27001.

