I work on Security Operations, building detection pipelines and investigating threats across network, endpoint, and intelligence layers. I train on CyberDefenders and BTLO to develop investigation and forensics skills, and on HackTheBox and Root-Me to stay sharp on the offensive side. Currently CompTIA Security+ certified, with BTL1 as the next target.

| Skill | Associated Project |
|---|---|
| SIEM and Detection Rule Engineering | sigwaz-cli / sigwaz.com / wazuh-custom-dashboards |
| Security Automation and SOAR Orchestration | shuffle-soc-automation |
| Threat Intelligence Operations | shuffle-soc-automation / CyberDefenders |
| Incident Case Management | shuffle-soc-automation |
| Network Forensics and Intrusion Analysis | CyberDefenders / BTLO / HackTheBox |
| Memory and Disk Forensics | CyberDefenders / BTLO / HackTheBox |
| Offensive Techniques and CTF Problem Solving | HackTheBox / Root-Me |

- sigwaz-cli - A high-precision Sigma-to-Wazuh rule converter built as a robust CLI tool for automated multi-rule batch processing.
- sigwaz.com - The live web-based version of the SigWaz converter, providing a clean, minimalist React interface for instant in-browser rule translation.
- shuffle-soc-automation - End-to-end SOC pipeline: Wazuh alert ingestion, multi-source observable enrichment, automated DFIR-IRIS ticketing.
- wazuh-custom-dashboards - Custom Wazuh dashboards for SOC monitoring and detection coverage analysis.
- blueteam-writeups - Detailed write-ups and case studies from CyberDefenders, BTLO, and HackTheBox challenges focusing on forensics, threat intelligence, malware analysis, and more.
- comptia-secplus-sy0-701-notes - Comprehensive study notes and exam preparation materials for CompTIA Security+ (SY0-701).
- soc-lab - Personal SOC homelab built on ELK 8.19.16 and MISP 2.4: documentation, configurations, and deployment guides for a self-hosted open-source detection stack.
