Azure Honeypot

• Extracted Windows Event Viewer metadata with PowerShell, forwarding it to a third-party API for geodata
• Configured Azure Log Analytics Workspaces to ingest custom logs containing geodata
• Visualized global RDP Brute Force attacks on a world map for insights into attack locations and magnitudes

Enhanced Logging and Intrusion Detection

• Deployed Splunk Enterprise (SIEM) for Centralized logging
• Enhanced logging using Sysmon
• Deployed Snort Intrusion Detection Systems (IDS)
• Forwarded all logs, including Snort logs, using Universal Forwarders

Snort Rules and OWASP Top 10

• Configured Snort IPS on DVWA webserver to showcase OWASP Top 10 vulnerabilities
• Demonstrated various web security attacks to highlight practical expertise in threat detection and prevention
• Developed tailored Snort rules for applicable vulnerabilities

Security Compliance and Monitoring Lab

• Deployed Wazuh into Active Directory Environment
• Supported compliance using the CIS Benchmark tool
• Configured FIM to detect integrity violations on a user’s Desktop directory
• Configured the Vulnerability Scanning module and scanned the Domain Controller and Windows 10 host

Vulnerability Management Lab

• Installed and Configured Nessus Essentials within an Active Directory Environment
• Conducted Non-Credentialed and Credentialed scans for baselining
• Remediated critical and high vulnerabilities

Active Directory Management

• Managed an Active Directory environment on Windows Server 2019
• Implemented and maintained AD DNS and DHCP services
• Implemented a Remote Access Server to support NAT
• PowerShell was used to automate the creation of 200+ User Accounts

GitHub

These are the Python projects on my GitHub

• Network Scanner
• Phone and Email Web Scraper
• SSH Bruteforce Script
• Directory Enumerator
• Subdomain Enumerator