I am building a virtualized lab environment using Hyper-V and Windows 10 Pro to bridge the gap between theory and practice. This project serves as a hands-on application of the networking and security principles I’ve studied through CompTIA Network+, Security+, and TryHackMe labs.
In this repository, I document my experience with:
- Security Monitoring: Establishing a baseline for system activity.
- Event Log Investigation: Identifying and tracing suspicious behavior within Windows environments.
- Network Traffic Analysis: Capturing and inspecting packets to understand communication flows.
- Vulnerability Scanning: Identifying weaknesses and assessing system risks.
To facilitate data collection and analysis, I am utilizing:
- Sysmon: For advanced host-level logging and monitoring.
- Wireshark & Nmap: For network discovery and deep packet inspection.
- Nessus: For automated vulnerability assessments.
This lab generates the following outputs for analysis:
- Windows Event Logs (.evtx, exported to .xml)
- Packet Captures (.pcap)
- Vulnerability Reports (PDF/HTML)
- Investigation Case Notes: Documenting findings and remediation steps.
NOTE: Raw .evtx files are not included due to potential sensitive system identifiers. Sanitized .xml files are provided instead for safe public review.
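As an added illustration of that sanitization step (example code, not part of this repository), the following Python script parses one exported Windows event record and redacts the Computer name and machine-specific SIDs before publication. The sample 4688 event is constructed, and the placeholder text and the choice of identifiers to strip are assumptions; the same XML schema is used by Sysmon events, so the function applies to them unchanged.

```python
import re
import xml.etree.ElementTree as ET
# Namespace of Windows event XML (as exported by wevtutil /f:xml or Get-WinEvent .ToXml()).
EVT_NS = "http://schemas.microsoft.com/win/2004/08/events/event"
ET.register_namespace("", EVT_NS)  # keep the default namespace unprefixed on output
# Machine/domain SIDs start S-1-5-21-<3 sub-authorities>[-RID]; well-known SIDs like S-1-5-18 are kept.
DOMAIN_SID_RE = re.compile(r"S-1-5-21-\d+-\d+-\d+(?:-\d+)?")

# Constructed sample: a Security 4688 (process creation) record, not a real capture.
SAMPLE_EVENT = r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Security-Auditing"/>
    <EventID>4688</EventID>
    <Channel>Security</Channel>
    <Computer>LAB-WIN10.lab.local</Computer>
    <Security UserID="S-1-5-18"/>
  </System>
  <EventData>
    <Data Name="SubjectUserSid">S-1-5-21-1004336348-1177238915-682003330-1001</Data>
    <Data Name="SubjectUserName">analyst</Data>
    <Data Name="SubjectDomainName">LAB-WIN10</Data>
    <Data Name="NewProcessName">C:\Windows\System32\cmd.exe</Data>
  </EventData>
</Event>"""

def sanitize_event_xml(xml_text, host_placeholder="REDACTED-HOST"):
    """Return (sanitized_xml, counts). Assumed rule set: redact the Computer name (FQDN and
    short form, any case) and domain/machine SIDs in every element text and attribute."""
    root = ET.fromstring(xml_text)
    computer = root.find(f"{{{EVT_NS}}}System/{{{EVT_NS}}}Computer")
    if computer is None or not computer.text:
        raise ValueError("not a Windows event record: System/Computer missing")
    fqdn = computer.text.strip()
    names = sorted({fqdn, fqdn.split(".")[0]}, key=len, reverse=True)  # FQDN before short name
    host_patterns = [re.compile(re.escape(n), re.IGNORECASE) for n in names]
    counts = {"hostname": 0, "sid": 0}

    def scrub(value):
        for rx in host_patterns:
            value, n = rx.subn(host_placeholder, value)
            counts["hostname"] += n
        value, n = DOMAIN_SID_RE.subn("S-1-5-21-REDACTED", value)
        counts["sid"] += n
        return value

    for el in root.iter():  # every element, including attributes such as Security UserID
        if el.text:
            el.text = scrub(el.text)
        for key, val in el.attrib.items():
            el.attrib[key] = scrub(val)
    return ET.tostring(root, encoding="unicode"), counts
```

Run it over each exported record and review the counts before committing the .xml files; a record with zero hostname hits usually means the Computer element was already altered upstream.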