I am a security engineer who builds production systems where OSINT, digital forensics, and applied AI meet. My work runs from intelligence-acquisition pipelines and cryptographic chain-of-custody tooling to agentic, multi-agent reasoning systems and the governance that keeps them lawful.
- Building forenix-oss, an open-source platform that turns public-source intelligence into tamper-evident, audit-ready evidence with a cryptographic chain of custody.
- Built open-source data-acquisition pipelines at Alphasearch (2025–2026).
- MSc Cybersecurity, SZABIST (Sindh HEC Indigenous Scholar).
- Interests: lawful OSINT, DFIR and evidence governance, agentic AI accountability, zero-trust enforcement.
- Building a multi-framework compliance platform at Complai.
- Deploying multi-agent systems at OWS (openworkforce.systems).
- Shipping forenix-oss (forenix.tech) and lattice.
- Customized agentic systems. Bespoke OpenClaw and Hermes instances, CrewAI and LangGraph crews tuned to your domain and workflows.
- Full cloud-based agentic pipelines. End to end, from acquisition and enrichment to reasoning and action, deployed on your own cloud.
- Sovereign model deployment. Self-hosted open-weight models (Zhipu GLM, Llama) on your infrastructure, so sensitive data never leaves your perimeter.
- OSINT, DFIR, and compliance tooling. Evidence-grade custody pipelines, multi-framework compliance, and threat intelligence.
Languages and core
AI and agentic
Web and data
Security and OSINT
OSINT toolchain
Standards and compliance
A running log of what I build and test on.
- Frameworks: CrewAI, LangGraph, LangChain, OpenClaw, Hermes, Model Context Protocol, Claude Code.
- Self-hosted and sovereign: Zhipu GLM, Llama via Ollama, NVIDIA NIM.
- Providers: Anthropic, OpenAI, Groq, OpenRouter, NVIDIA.
| Project | What it is | DOI |
|---|---|---|
| forenix-oss | OSINT-to-evidence platform: SHA-256 audit chain, three attestation backends (local, GitHub, Sigstore Rekor), multi-agent OSINT pipeline over six LLM providers, optional SAT auditability trace. Live at forenix.tech. | 10.5281/zenodo.20329059 |
| lattice | Accountability layer for multi-agent AI: signed, content-addressed claim graphs with a revocation waterfall. | 10.5281/zenodo.20341934 |
| agentic-osint-agent | LangGraph ReAct agent for public-source OSINT: five read-only tools (WHOIS, DNS, Shodan InternetDB, GitHub dorks, Wayback), a deterministic evidence ledger, and a real 20-target benchmark. | 10.5281/zenodo.20480446 |
| llm-red-team-toolkit | OWASP LLM Top 10 (2025) adversarial probe harness: 47 probes plus 8 jailbreaks, deterministic heuristic scorer, runtime authorization gate. | 10.5281/zenodo.20480444 |
| ai-governance-checker | Pre-deployment governance audit for LLM system prompts against OWASP LLM Top 10, NIST AI RMF 1.0, and the EU AI Act. Rules-only eval F1 0.96. | 10.5281/zenodo.20480458 |
| rag-threat-intel | Sovereign RAG pipeline for CVE and threat-intel Q&A (Ollama + pgvector + FastAPI), comparing three chunking strategies with MRR and faithfulness evals. | 10.5281/zenodo.20480465 |
Eleven more open-source repos, all public and Zenodo-archived: a high-throughput async OSINT pipeline, a four-gate DevSecOps template, STRIDE threat-model generation, defensive dark-web monitoring, a six-phase OSINT methodology vault, a passive Meshtastic packet-audit toolkit, a one-command Docker OSINT stack, a reproducible OpenWRT firmware-analysis walkthrough, a passive credential-leak scanner, an air-gap-capable sovereign-LLM stack, and an AI-directed-development starter. See all repositories.
Master's-project preprints, self-archived on Zenodo.
- OSINT in Action: a comparative study of OSINT tools for social-media and network intelligence. 10.5281/zenodo.16921792
- Navigating the Legal Labyrinth: a framework for ethical and compliant OSINT operations. 10.5281/zenodo.16924934
- A Comprehensive Review of Meshtastic and Similar Networks. 10.5281/zenodo.16925037
Email: alibhutto101112@gmail.com . LinkedIn: in/alimurtazabhutto . Open to roles and contracts in security engineering, OSINT, DFIR, and agentic AI.