Ali Murtaza Bhutto

AI Security Engineer . OSINT and Digital Forensics

MSc Cybersecurity (SZABIST, Sindh HEC Indigenous Scholar) who builds production security systems across OSINT, digital forensics, and applied AI. Work spans intelligence-acquisition pipelines, cryptographic chain-of-custody tooling, agentic multi-agent systems, and the frameworks that keep open-source intelligence defensible and lawful. Currently building a multi-framework compliance platform at Complai and deploying multi-agent systems at OWS (openworkforce.systems).

Experience

Open-Source Data Acquisition Specialist, Alphasearch Apr 2025 to Apr 2026 . US (remote)
  • Engineered scalable OSINT acquisition pipelines across a large and varied set of sources.
  • Designed high-performance scraping systems in Python and Selenium with custom concurrency patterns.
  • Operated containerised data pipelines on Docker and Linux with high availability.
  • Applied regex parsing, deduplication, and real-time enrichment on large datasets under OSINT and GDPR compliance.
Information Security Consultant, CybeRisk Solutions 2025 to Feb 2026 . Karachi
  • Conducted security assessments against ISO 27001, NIST, and regional standards.
  • Performed penetration testing and vulnerability assessments for enterprise clients.
  • Led incident response and forensic investigations, with risk-rated technical reports and remediation plans.
Red Team Operator and Business Analyst, The Cosmic Dolphins 2023 to 2025 . Switzerland (remote)
  • Conducted firmware security reviews and identified vulnerabilities in embedded systems.
  • Developed and executed custom exploits to validate weaknesses, then verified patch effectiveness.
  • Authored security documentation aligning product requirements with technical implementation.

Selected Projects and Research

forenix-oss . open-source OSINT-to-evidence platform

Turns public-source intelligence into tamper-evident, audit-ready evidence: a SHA-256 forward-chained audit log, three independent attestation backends (local, GitHub, Sigstore Rekor), and a multi-agent OSINT pipeline across six LLM providers, with an optional SAT auditability trace. TypeScript, Next.js, Prisma. Live at forenix.tech.

lattice . accountability layer for multi-agent AI

Content-addressed, cryptographically signed claim graphs with a revocation waterfall for autonomous multi-agent systems. Python.

agentic-osint-agent . autonomous public-source OSINT

LangGraph ReAct agent over five read-only OSINT tools (WHOIS, DNS, Shodan InternetDB, GitHub dorks, Wayback) with a deterministic evidence ledger and a real 20-target benchmark.

llm-red-team-toolkit . OWASP LLM Top 10 probing

Adversarial harness of 47 probes plus 8 jailbreaks mapped to the OWASP LLM Top 10 (2025), with a deterministic heuristic scorer and a runtime authorization gate.

ai-governance-checker . LLM governance audit

Pre-deployment risk evaluation of LLM system prompts against the OWASP LLM Top 10, NIST AI RMF 1.0, and the EU AI Act, with a reproducible labelled eval (rules-only F1 0.96).

rag-threat-intel . sovereign threat-intel RAG

Retrieval-augmented CVE and threat-intel Q&A on Ollama, pgvector, and FastAPI, comparing three chunking strategies with MRR and answer-faithfulness evaluation.

Additional open-source, all Zenodo-archived

osint-pipeline-demo (async OSINT collection), secure-python-pipeline-template (four-gate DevSecOps), threat-model-generator (STRIDE), dark-web-monitor-lite, osint-methodology-vault, meshtastic-security-audit, docker-osint-stack, firmware-analysis-walkthrough, credential-leak-scanner, sovereign-llm-quickstart, cursor-vibe-starter. Each carries an MIT licence, a CITATION.cff, and a resolving Zenodo DOI. Full list at github.com/thunderstornX.

Preprints

Master's-project preprints, self-archived on Zenodo.

Education

MSc, Cybersecurity, SZABIST 2026 . Karachi
Department of Computing. Focus: open-source security and network intelligence. Sindh HEC Indigenous Full Scholarship.
BS, Computer Science (Cybersecurity), SZABIST 2023 . Karachi
Sindh Endowment Fund Full Merit Scholarship.

Skills

Languages: Python, TypeScript, Bash, C, R
Security: OSINT pipelines, DFIR, threat intelligence, penetration testing, vulnerability assessment
Tools: Burp Suite, Metasploit, Nmap, Wireshark, Nessus, Belkasoft, Docker
Standards: ISO 27001, NIST CSF, GDPR, OWASP

Certifications

CEH v13 (EC-Council) . Belkasoft Android and Windows Forensics . ISO/IEC 27001:2022 Information Security Associate . Certified Network Security Practitioner . Certified AppSec Practitioner v2 . Google Data Analytics and Business Intelligence . Stanford Machine Learning

Languages

English (professional). Urdu (native). Sindhi (native).