I’m Kartik Sankhla — a digital-forensics and Linux security researcher, currently doing an M.Tech in Cyber Security at the National Forensic Sciences University (NFSU), Gandhinagar.

My focus is DFIR: digital forensics and incident response. I work across memory forensics, filesystem forensics (ext4/XFS/Btrfs/FAT32), malware analysis and reverse engineering, Android security, and the OT/ICS side of critical-infrastructure security. I’ve used Linux as my daily driver for over a decade, and most of my work lives close to the operating system.

Most of my research is hands-on Linux forensics: designing controlled, reproducible experiments to understand how systems behave under investigation, and building the tooling to support that analysis. Some of this work is currently under submission to a peer-reviewed venue — I’ll write more about it here once it’s published.

I also led the architecture for a Government-of-India 5G disaster-response hackathon proposal (RAKSHAK-NTN), which was shortlisted at the national level.

This site is where I write up what I’m investigating and building.