Lead Security Engineer · 2024
Phantom
INNEFU Labs (DRDO-affiliated), Ministry of Defence, India
01
The Challenge
India's Ministry of Defence oversees 50+ mission-critical government web assets — each a potential attack vector for nation-state adversaries. Security teams were drowning in manual vulnerability assessments: fragmented tooling, no centralized reporting, and scan-to-report cycles that took days instead of hours.
02
The Approach
Rather than patching together off-the-shelf scanners, I architected Phantom from the ground up as a modular, plugin-based automation framework. Django was chosen for its battle-tested ORM and admin interface, while ASGI enabled real-time asynchronous vulnerability triage. An LLM pipeline using LangChain and LangGraph was integrated for auto-triage.
03
The Solution
- Core Engine: Django 4.2 + Python 3.11 + ASGI with extensible plugin architecture
- 10+ Tool Integrations, including SQLmap, ZAP Proxy, Nmap, Nuclei, Selenium Wire, Wappalyzer, AMASS, Dirsearch, Ghauri
- AI-Powered Triage: LangChain + LangGraph LLM pipeline for auto-classifying vulnerabilities
- VM Orchestration: Geo-network segmented virtual machine provisioning, scaling 10+ virtual nodes
- Auto-Generated Reporting: Real-time dashboards + Splunk SIEM integration
04
The Impact
- Better Threat Detection
- Scan Optimization
- Faster Coverage
- Report SLA Reduction
Tech Stack
Python, Django, ASGI, LangChain, LangGraph, SQLmap, ZAP, Nmap, Nuclei, Splunk
“Phantom transformed national defense cybersecurity from a manual, days-long process into an AI-augmented, parallelized operation — proving that defense-grade security can be both automated and intelligent.”