sudo-rosh/sudo-rosh

GitHub: sudo-rosh/sudo-rosh

Stars: 0 | Forks: 0

# Hi, I'm Roshini Rachel John 👋

**MSc Cybersecurity & Digital Forensics** | SOC Analyst | DFIR Enthusiast

📍 Dubai, UAE | Open to India & Gulf opportunities

📫 roshini.john02@gmail.com | [LinkedIn](https://www.linkedin.com/in/roshini-john)

## About Me

I'm a cybersecurity graduate with an MSc in Cybersecurity & Digital Forensics, actively building hands-on skills in SOC operations and digital forensic investigations.

My background in forensic science gives me a strong foundation in evidence handling, chain of custody, and methodical investigation — skills I now apply to the digital world.

I'm drawn to the investigative side of cybersecurity — starting from a single artifact and following the chain of evidence to reconstruct what happened, when, and how.

## Currently Working On

- 🔵 Building a home SOC lab (Wazuh SIEM + Windows/Linux agents)
- 🔍 Practising digital forensics with Autopsy and Volatility
- 📚 Completing TryHackMe SOC Level 1 path
- 🎯 Targeting SOC Analyst L1 and Junior DFIR Analyst roles

## Skills

**SOC & Detection**
- SIEM: Splunk, Wazuh
- Log Analysis: Windows Event Logs, Syslog, Firewall Logs
- Network Analysis: Wireshark, Tcpdump, Nmap
- IDS/IPS: Snort (basic rule writing)

**Digital Forensics**
- Disk Forensics: Autopsy, FTK Imager, Sleuth Kit
- Memory Forensics: Volatility (in progress)
- Artifact Analysis: Windows Registry, Prefetch, Event Logs
- Evidence Handling: Chain of custody, forensic imaging

**Operating Systems**
- Windows: Event IDs, Registry, Group Policy, PowerShell
- Linux: Bash, file permissions, log analysis

**Programming & Scripting**
- Python (log parsing, API automation)
- Bash scripting
- PowerShell

**Frameworks & Tools**
- MITRE ATT&CK
- Cyber Kill Chain
- VirusTotal, Any.Run, urlscan.io, Shodan

## Certifications & Learning

- 🎓 MSc Cybersecurity & Digital Forensics (2025)
- 📘 TryHackMe — SOC Level 1 Path (in progress)
- 🎯 CompTIA Security+ (studying)

## Portfolio

| Project | Description | Tools |
|---|---|---|
| [DFIR Portfolio](https://github.com/sudo-rosh/dfir-portfolio) | Hands-on Digital Forensics and Incident Response journey focused on practical investigations, artifact analysis, incident handling, and real-world DFIR workflows. | FTK Imager, Volatility 3 |
| More coming soon | SIEM Lab, Phishing Analysis, Memory Forensics | Wazuh, Autopsy |

## TryHackMe Profile

[View my TryHackMe profile](https://tryhackme.com/p/roshini.john02)

*This portfolio is actively being built. New projects added weekly.*