SetDoshi/M.D. Portfolio Sheet04 of 06 Scale1:1 Rev02 · 2026-05 StatusIssued for review
Sheet / 04

Assembly Details / Shipped Tooling

Drawn M.D.
Chk'd M.D.
Date 2026·05·12

Tooling, exploded.

Production-ish artefacts I've built or am actively building. Each assembly shown with its component parts list, what it does, what it's made of, and what it has replaced.

A
Assembly Drawings
ASM
001

Seculogg

// Intrusion Alert System
SEP 2023 / AUG 2024 STATUS · STABLE

A WordPress PHP plugin that logs and visualises brute-force login attempts at scale, paired with Python services that turn raw logs into real-time intelligence.

Telegram-bot alerting collapsed manual monitoring by 50%. Third-party IP-reputation APIs and geolocation enrichment cut investigation time by 40%, analysts know the origin and historical reputation of an attacker before they finish reading the alert.

10,000+ brute-force attempts captured.
// Component Parts List
P-01Python
P-02PHP
P-03WordPress
P-04Telegram API
P-05IP Intelligence
P-06GeoIP
P-07Real-Time Alerts
P-08Log Analysis
ASM
002

VulnCrawler

// Automated Vulnerability Scanner
● ONGOING · LIVE STATUS · ACTIVE

A Python framework that automates web vulnerability discovery, starting with XSS. Web scrapers, spiders, and form parsers identify injection points across target URLs; the engine crawls, injects payloads, and analyses responses end-to-end.

Used in my own disclosure workflow, particularly for reporting issues to organisations that don't run formal bug bounty or security-reporting programmes. The point: lower the friction of doing the right thing.

Lowering disclosure friction.
// Component Parts List
P-01Python
P-02Web Scraping
P-03Crawling
P-04HTML Parsing
P-05Payload Engine
P-06XSS Detection
P-07Async I/O
P-08Report Output
ASM
003

Disclosure Practice

// 2,500+ Reports · 850+ Sites · 1 CVE
2020 → CONTINUOUS STATUS · PERMANENT

Not an artefact. a practice. Targeted reconnaissance, exploit validation, and coordinated disclosure across web applications globally. Every finding ships with a written reproduction path and a remediation suggestion.

The work behind the Hall-of-Fame credits from Sony, Nintendo, Autodesk, and Michelin, and the published CVE-2023-37737.

Process over trophies. Always.
// Component Parts List
P-01Burp Suite
P-02OSINT
P-03Manual Pentest
P-04SQLmap
P-05Recon-ng
P-06SpiderFoot
P-07Coordinated Disc.
P-08Report Writing
T
Title Block
SubjectMANAV DOSHI
Drawn ByM. Doshi
CheckedM. Doshi
Sheet04 of 06
DisciplineCybersecurity
Scale1 : 1 (full)
Rev.02 · 2026·05