Skip to content
View thunderstornX's full-sized avatar

Highlights

  • Pro

Block or report thunderstornX

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
thunderstornX/README.md

Ali Murtaza Bhutto

Cybersecurity researcher. I work on the security and privacy of LLM and agentic AI systems, with a background in OSINT and digital forensics. MS in Cybersecurity (SZABIST, 2026). I build security tooling, evaluate it, and release the work as open code.

ORCID 0009-0007-2787-943X · LinkedIn · alibhutto101112@gmail.com

Experience

  • Alphasearch: open-source data-acquisition pipelines.
  • OWS: multi-agent system deployment.
  • Complai: multi-framework compliance platform.

Detailed CV: thunderstornX.github.io

Open-source contributions

Changes I wrote and had merged into established security and OSINT tools, each reviewed by the project maintainers.

Project Contribution PR
blacklanternsecurity/bbot SPF IP and CIDR extraction in the DNS target engine #3144
intelowlproject/IntelOwl RDAP analyzer for domain and IP enrichment #3760
MISP/misp-modules RDAP expansion module #785
TheHive-Project/Cortex-Analyzers OpenCVE analyzer #1458
soxoj/maigret Neo4j graph export for OSINT results #2774

Research software

Self-directed projects, released as open source and archived on Zenodo. Independent work, not peer-reviewed.

Project Description DOI
llm-red-team-toolkit Adversarial probe harness for LLM deployments, mapped to the OWASP Top 10 for LLM Applications 10.5281/zenodo.20480444
ai-governance-checker Pre-deployment governance audit for LLM system prompts (OWASP LLM Top 10, NIST AI RMF, EU AI Act) 10.5281/zenodo.20480458
lattice Accountability layer for multi-agent AI using content-addressed, signed claim graphs 10.5281/zenodo.20341934
agentic-osint-agent Autonomous agent for evidence-grounded open-source investigation 10.5281/zenodo.20480446
rag-threat-intel Retrieval-augmented pipeline for threat-intelligence question answering 10.5281/zenodo.20480465
forenix-oss OSINT-to-evidence platform with a cryptographic chain of custody 10.5281/zenodo.20329059

More public, Zenodo-archived projects are on my repositories page.

In progress

A study on the reliability of automated scoring in LLM red-team evaluation, in preparation for a peer-reviewed venue.

Preprints

Master's-level work, self-archived on Zenodo. Not peer-reviewed.

  1. OSINT in Action: a comparative study of OSINT tools for social-media and network intelligence. 10.5281/zenodo.16921792
  2. Navigating the Legal Labyrinth: a framework for ethical and compliant OSINT operations. 10.5281/zenodo.16924934
  3. A Comprehensive Review of Meshtastic and Similar Networks. 10.5281/zenodo.16925037

Tech

Languages: Python, TypeScript, Bash, C, SQL. Infrastructure: Docker, Linux, PostgreSQL, FastAPI, pytest, Git. LLM and agentic: Claude, OpenAI, LangChain, LangGraph, CrewAI, RAG, Model Context Protocol, and self-hosted open-weight models (Llama, GLM) via Ollama and NVIDIA NIM. Security and OSINT: Burp Suite, Metasploit, Nmap, Nessus, Wireshark, Belkasoft; subfinder, httpx, nuclei, amass, maigret, Spiderfoot, Maltego. Standards: MITRE ATT&CK, STRIDE, OWASP Top 10 and LLM Top 10, NIST CSF, NIST AI RMF, ISO/IEC 27001.

Popular repositories Loading

  1. rag-threat-intel rag-threat-intel Public

    Sovereign RAG pipeline for vulnerability and threat-intelligence Q&A. Ollama + pgvector + FastAPI; compares 3 chunking strategies.

    Python 1

  2. lattice lattice Public

    Accountability layer for multi-agent AI systems. Content-addressed, cryptographically signed claim DAGs.

    Python

  3. secure-python-pipeline-template secure-python-pipeline-template Public

    Composable 4-gate DevSecOps pipeline template for Python: Semgrep + Trufflehog + Bandit + pip-audit

    Python

  4. osint-pipeline-demo osint-pipeline-demo Public

    Async Python reference pipeline for high-throughput OSINT data collection: aiohttp + asyncpg + token-bucket rate limiting + SHA-256 dedup. 18x speedup measured.

    Python

  5. sovereign-llm-quickstart sovereign-llm-quickstart Public

    Air-gap-capable on-prem LLM stack: Ollama + Open-WebUI + Nginx (TLS+basic-auth) + FastAPI hash-only audit log. ISO 27001 mapped.

    Python

  6. llm-red-team-toolkit llm-red-team-toolkit Public

    Adversarial probing harness for LLM deployments. 52 probes: OWASP LLM Top 10 (2025) + 8 jailbreaks. Rich-based TUI.

    Python