naisguy/sec-portfolio

GitHub: naisguy/sec-portfolio

# Cybersecurity Portfolio

A collection of 10 hands-on cybersecurity projects demonstrating blue team and red team capabilities, including SIEM configuration, network analysis, vulnerability assessment, penetration testing, malware analysis, and threat hunting.

## Projects

1. **SOC Lab (Wazuh)** - SIEM setup, SSH brute force detection, custom detection rules, alert configuration
2. **Network Traffic Analysis (Wireshark)** - Live traffic capture, protocol analysis, DNS/HTTP/ICMP investigation, port scanning detection
3. **Active Directory Penetration Test** - User enumeration with kerbrute, Kerberos attack vectors, lateral movement techniques
4. **Vulnerability Assessment (Nmap)** - Full network scanning, CVE identification, CVSS scoring, remediation planning
5. **Web Application Penetration Testing (DVWA)** - SQL Injection, Reflected XSS, Command Injection exploitation, OWASP Top 10
6. **Malware Analysis** - Static analysis (VirusTotal), hash analysis, suspicious import detection, threat intelligence correlation
7. **Phishing Simulation** - Email template design, social engineering assessment, click-through metrics, user awareness training recommendations
8. **Threat Hunting** - Log analysis, post-exploitation detection, MITRE ATT&CK mapping, IOC identification
9. **Firewall & IDS Configuration (UFW/Suricata)** - Stateful firewall rules, rate limiting, intrusion detection, threat intelligence rule deployment
10. **Incident Response Playbook** - IR procedures, attack timeline analysis, containment strategies, post-incident lessons learned

## Key Skills Demonstrated

- Security monitoring and alerting (Wazuh)
- Network traffic analysis and forensics (Wireshark)
- Vulnerability scanning and remediation (Nmap)
- Web application security testing (DVWA, OWASP)
- Malware analysis and threat intelligence (VirusTotal)
- Active Directory enumeration and attacks (kerbrute, Impacket)
- Firewall and IDS deployment (UFW, Suricata)
- Threat hunting and forensic investigation
- Incident response and post-mortem analysis

## Tools & Technologies

- **Monitoring & Detection:** Wazuh, Suricata, UFW
- **Network Analysis:** Wireshark, tcpdump, Nmap
- **Penetration Testing:** DVWA, kerbrute, Hydra, Impacket
- **Malware Analysis:** VirusTotal, PEStudio
- **Lab Environment:** VirtualBox, Ubuntu, Parrot OS, Windows

## Lab Environment

- **Hypervisor:** VirtualBox
- **Host-Only Network:** 192.168.236.0/24
- **Ubuntu Server:** 192.168.236.3 (Wazuh manager)
- **Parrot OS:** 192.168.236.5 (Attack machine)
- **Windows:** 192.168.236.10 (Domain Controller - AD lab)

## Getting Started

Each project folder contains:

- Detailed technical report (PDF/DOCX)
- Screenshots and evidence
- Commands and configurations used
- Findings and remediation steps

Nas
Cybersecurity student | Blue Team & Red Team | Hands-on security labs

Last Updated: May 3, 2026