Omkar Totade

Arizona State University

Master of Computer Science, Computer Science

August 1, 2015 – May 1, 2017

University of Mumbai

Bachelor of Engineering (B.E.), Computer Engineering

August 1, 2010 – June 1, 2014

Aeeiee, Inc.

Senior Software Engineer

June 1, 2025 – Present

Aeeiee, Inc.

Senior Software Engineer

February 1, 2024 – June 1, 2025

Aeeiee, Inc.

Senior Software Engineer

April 1, 2023 – February 1, 2024

Aeeiee, Inc.

Lead Developer

July 1, 2020 – April 1, 2023

Aeeiee, Inc.

Back-End Web Developer II

January 1, 2019 – July 1, 2020

Aeeiee, Inc.

Back-End Web Developer

August 1, 2017 – January 1, 2019

Arizona State University

Customer Service Specialist - Student Worker

June 1, 2016 – May 1, 2017

Tempe, Arizona · On-site

Tata Consultancy Services

Assistant System Engineer Trainee

December 1, 2014 – July 1, 2015

Mumbai, Maharashtra, India · On-site

Spatial Data Storage for Java minibase implementation

June 1, 2016 – Present

Extended the functionality of the Java minibase created by Dr. Raghu Ramakrishnan to incorporate the storage of spatial data (shapes like rectangle, triangle and circle). Our implementation allowed the user to create tables to store spatial data of the Oracle type SDO_GEOMETRY, using SQL queries and also insert data into the created tables using the INSERT statements in SQL. In addition to storing the spatial data, we also performed processing and retrieval of the stored spatial data using SELECT statements of SQL. The following select queries were implemented, 1. Using SELECT to calculate the minimum distance between any two stored shapes. 2. Using SELECT to calculate the area of a particular stored shape. 3. Using SELECT to calculate the intersection of any two stored shapes. We used simple Math functions to calculate the distance and area, and used the JTS library for calculating the intersection of two shapes. The intersection function would return the coordinates of the intersecting shapes. Finally, also created an index on the shapeName attribute of the spatial data table using a Binary Tree data structure that already existed in the minibase. All data was stored on disk using Heap files and retrieved using the FileScan method that already existed in the minibase code.

'Safeprintf' library for preventing Format String Vulnerabilities in C for the printf family functions

April 1, 2016 – Present

The printf function in C is vulnerable to attacks using incorrect format specifiers and corresponding incorrect or unequal parameters. Attackers can use the '%n' format specifier in an incorrectly written printf (or any function from the printf family) function We designed a 'safeprintf' library that would prevent such unaccounted access to memory, thus preventing an attacker from making illegitimate writes to the memory and giving him a chance to execute arbitrary shell code with higher permissions. Using the LD_PRELOAD interface, we designed our own version of the printf function without altering the functionality of the original printf function. Thus any user could simply load our library in his environment, if he feels that his code might be vulnerable to a format strings attack. We redesigned all of the printf family functions (printf, fprintf, sprintf, snprintf, vprintf, vfprintf, vsprintf, vsnprintf) to prevent them from being vulnerable.

Attacking 15 levels of vulnerable C programs

March 1, 2016 – Present

Broke through a series of C programs that were vulnerable to various kinds of attacks. Some of the common exploits used were, Buffer overflow attacks, integer overflow attacks, directory traversal attacks, Home directory attacks, etc. All the above exploits were used in some or the other way to execute shell code or to pop up a new shell with the access rights of the vulnerable program(root in most cases).

Data Exfiltration using IP Datagram

February 1, 2016 – Present

Implemented a Python script that used the python-scapy library that allowed manipulating the contents of the IP packet, and then sending that packet to a specific IP address (usually the victim's). The script would encode any given ASCII text in the IP packets and then send these packets to the victim's machine to, in a way exfiltrate data from a potential database on his machine. The Identification and Fragment Offset fields of the IP packet were manipulated to achieve this. The IP datagram would hold any one of the three given packets as its underlying packets, 1. ICMP Echo Request Message. 2. TCP SYN packet to port 80. 3. UDP packet to port 53.

REST services for implementing RMM Level 0 and Level 2 Web Services

February 1, 2016 – Present

Implemented Richardson Maturity Model Level 0, POX (Plain Old XML) over HTTP services for a FoodItems database and Level 2, CRUD services for a grade book database of a class using REST services in Java. Also used Java Swings UI for designing a GUI for the application. Both the services were implemented using the Jersey Client API and Maven repositories. POX over HTTP represents a single URI and single HTTP verb ind of services, whereas CRUD services represent a multiple URI and multiple HTTP verbs kind of web services. Designed a client that communicated with using the Swings GUI with the server application for both the services.

Encryption and Decryption Algorithms with MD5 Hashing and Cryptanalysis

January 1, 2016 – Present

Designed a reversible Encryption algorithm that uses the 'Confusion' concept of Cryptography to construct ciphertexts from plaintexts, using a 32 bit key.The algorithm can read plaintexts from any type of file (.txt, .pdf, .jpeg) and use a 32 bit key to convert it to a ciphertext. It can also decrypt the given ciphertext back to the original plaintext using the same 32 bit key that was used to encrypt it. Also designed a brute force approach to crack the key if the plaintext and the ciphertext are known. Also involved brute forcing an encryption algorithm designed using the MD5 hashing technique, to find the key from 2^32 possible keys, on three different file formats namely, .pdf, .jpeg and .txt files, with the ciphertext-only cryptanalysis.

Backdoor "Web Server"

January 1, 2016 – Present

A web server makes a great pretense for a backdoor, because web traffic is so prevalent it does not raise red flags and ports 80 and 443 are frequently permitted through firewalls. Implemented a minimal HTTP 1.1 web server using Socket Programming in Java. It was a backdoor that pretended to be a web server. The server supported valid HTTP 1.1 requests from HTTP clients. The backdoor functionality was that, whenever the server got any HTTP GET requests from the client for a URL of the form /exec/<command>, it would take the <command> and execute it using the equivalent of the Linuxsys call, and respond back with the stdout of the executed command.

Morris Worm Host Discovery for SSH

January 1, 2016 – Present

The Morris worm spread in part because it was able to discover other hosts that were trusted in an attempt to propagate. Implemented a Host Discovery functionality similar to the Morris Worm, but for the world of SSH. The program written in Java, would look for hosts in the following files for discovering new hosts to be infected, 1. /etc/hosts 2. ~/.ssh/config 3. /etc/ssh/ssh_config. 4. ~/.ssh/authorized_keys 5. ~/.ssh/known_hosts 6. /etc/ssh/ssh_known_hosts

Perceptron and MIRA classifier Learning

November 1, 2015 – Present

Implemented a Perceptron Machine Learning algorithm to improve the accuracy of reading hand written digits from about 10% to 78%. Also implemented the MIRA classifier algorithm on the same same hand written digits and improved the accuracy to 87%.

Non-preemptive Thread Scheduling and Context Switching using C

October 1, 2015 – Present

Implemented a circular doubly linked list to store the Thread Control Blocks (TCB) of threads, and used various queuing routines to run multiple functions as separate threads as a part of non-preemptive scheduling. The effect of Context Switching between threads was shown using local and global variables.The project also involved use of Semaphores to allow mutual exclusion of a certain section of code. The classical OS problems of ‘Producers and Consumers’ and ‘Multiple Readers and Writers’ were solved using these Semaphores.

Using the Protege tool to design intelligent systems.

September 1, 2015 – Present

Used Protege, a tool designed at the Stanford University, to design intelligent systems using Description Logic in Artificial Intelligence. Built a database for a pizza restaurant and used non trivial queries for fast retrieval of data.

Chat-bots to help naive computer users for the Android OS

September 1, 2013 – April 1, 2014

An Android Application of a chat-bot to solve the technical queries of naive and amateur computer users. The user could type in his query in a chatting application that would reside over his phone and the chat-bot will converse with the user in simple language and help him overcome his technical problem. The Artificial Intelligence Markup Language (AIML) was used as a database for the project. AIML is a markup language that performs matching based on keywords. It uses various tags that help it to perform pattern matching and also remember upto 3 responses of the user and base it answers accordingly. The application development was done using the Eclipse IDE platform and the Android SDK Tools. An AIML- Java Interpreter was used to provide communication between the Java program and the AIML database files. Designing each chatbot required careful use of tags and we developed upto 3 personalities of chatbots to talk to the users, each differing in the responses that it gave to the users.

Claude Code in Action

Anthropic

June 28, 2026 – Present