Hello, I'm John!
Cybersecurity Analyst | Systems Administrator | Information Technology Professional

Microsoft Azure Cloud Detection Project
- Documented process of building an Azure Cloud Detection Lab
- Covered steps such as creating an Azure Resource Group, deploying a Windows 10 Virtual Machine, setting up a Log Analytics workspace, and deploying Microsoft Sentinel, a cloud-native Security Information and Event Management (SIEM) platform.
- Generated event data and configured data collection rules for processing in Microsoft Sentinel.
- Demonstrated skills in Azure management, security configuration, and Kusto Query Language (KQL).

YARA Threat Detection Project
- YARA Proficiency: Utilized YARA, an open-source malware identification tool, to classify malware by creating custom rules.
- Rule Crafting: Developed YARA rules to detect patterns in file content, text strings, and attributes.
- IoC Proficiency: Mastered identifying Indicators of Compromise (IoCs) such as file properties, hashes, and text strings.
- Tool Integration: Integrated YARA with diverse security tools and applied rules across multiple platforms.

Microsoft Azure RDP Honeypot Project
- Built a honeypot on Azure: a Windows 11 VM with RDP exposed to the internet. Used Log Analytics, Microsoft Sentinel, and Microsoft Defender for Cloud to capture and map attacks.
- Tasks: set up an Azure account, Resource Group, Windows 11 VM, Log Analytics Workspace, and Defender for Cloud, and used Microsoft Sentinel as the SIEM.
- Integrated IPGeoLocation lookups, enabled PowerShell script execution, and established custom log collection to monitor attacks and display their origins on a live map.

Cybersecurity Detection & Monitoring Home Lab
- Designed a virtualized home lab network to test vulnerabilities and practice threat detection.
- Utilized pfSense, Splunk, Kali Linux, Security Onion, and Active Directory to simulate a small enterprise network.
- Simulated offensive and defensive tactics for adversary emulation and incident response practice.

Scripting Languages
- PowerShell
- Python
- Bash

Certifications
- CompTIA CySA+
- CompTIA Security+
- CompTIA Network+
- Microsoft Certified: Azure Fundamentals
- ISC2: Certified in Cybersecurity
- Splunk Core Certified Power User (In Progress)