Portfolio

Real-world cybersecurity projects demonstrating technical expertise

Hands-on experience with modern security tools and methodologies

Technical Competence Through Action

Every project showcased here represents hands-on technical work—from security monitoring and network analysis to vulnerability assessment and incident response. These aren't theoretical exercises; they're real implementations solving actual security challenges.

Featured Projects

IoT Network Security Analysis with ntopng

Challenge

Unidentified IoT device on home network exhibiting suspicious command-and-control (C2) behavior with potential data exfiltration.

Approach

Deployed ntopng network traffic monitoring platform to analyze real-time packet flows, identify malicious communication patterns, and map device behavior to MITRE ATT&CK framework tactics.

Solution

  • Configured ntopng for deep packet inspection on network gateway
  • Identified IoT device communicating with suspicious external IPs in China
  • Mapped behavior to MITRE ATT&CK T1071 (Application Layer Protocol) and T1041 (Exfiltration Over C2 Channel)
  • Isolated compromised device using network segmentation (VLAN)
  • Created firewall rules blocking unauthorized connections
  • Implemented ongoing monitoring with automated alerting
Tags: ntopng, Network Analysis, IoT Security, MITRE ATT&CK, Wireshark, Firewall Configuration
Outcome: Neutralized potential data breach, implemented network segmentation for IoT devices, and established ongoing monitoring for suspicious traffic patterns.
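
A worked version of the beacon check and the resulting gateway block rules, added here as an example; it is not ntopng code and not the project's own configuration. It assumes flows exported from ntopng and renamed to the keys first_seen, client, server, server_port and bytes_out (an assumed column set), uses constructed sample flows with RFC 5737 documentation addresses standing in for the real external IPs, and assumes the gateway's IoT VLAN interface is called vlan50 and already has an nftables table inet filter with a forward chain.

```python
"""Beacon detection over exported flow records, plus the matching block rules.

Added example (not ntopng code).  Assumed input: one dict per flow with the
keys first_seen (ISO-8601), client, server, server_port, bytes_out, which is
the shape of a flow export after light renaming.
"""
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from ipaddress import ip_address, ip_network
from statistics import mean, pstdev

_BASE = datetime(2025, 1, 15, 3, 0, tzinfo=timezone.utc)


def _ts(offset_s):
    """ISO-8601 timestamp offset_s seconds after a fixed base (sample data only)."""
    return (_BASE + timedelta(seconds=offset_s)).isoformat()


# Constructed sample flows.  Public peers use RFC 5737 documentation addresses
# in place of the real external IPs seen in the incident.
SAMPLE_FLOWS = (
    # IoT device on the IoT VLAN opening a small TLS session to one public host
    # about every 60 s: the C2 beacon pattern.
    [{"first_seen": _ts(o), "client": "192.168.50.23", "server": "203.0.113.45",
      "server_port": 443, "bytes_out": 4096 + (o % 7) * 100}
     for o in (0, 61, 119, 180, 242, 299, 360, 421, 479, 540)]
    # A laptop hitting a public site at human, irregular intervals: benign.
    + [{"first_seen": _ts(o), "client": "192.168.10.5", "server": "198.51.100.7",
        "server_port": 443, "bytes_out": 1500}
       for o in (0, 5, 300, 302, 1800, 1805, 2400)]
    # LAN-internal DNS to the gateway: periodic too, but not an external peer.
    + [{"first_seen": _ts(o), "client": "192.168.50.23", "server": "192.168.50.1",
        "server_port": 53, "bytes_out": 80}
       for o in (0, 60, 120, 180, 240, 300)]
)

# RFC 1918 is checked explicitly: ipaddress's is_private also returns True for
# the RFC 5737 documentation ranges used in the sample, which would hide the beacon.
_RFC1918 = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
            ip_network("192.168.0.0/16")]


def is_internal(addr):
    """True for RFC 1918 addresses; anything else is treated as an external peer."""
    a = ip_address(addr)
    return any(a in net for net in _RFC1918)


def find_beacons(flows, min_flows=6, max_cv=0.2):
    """Flag (client, server, port) pairs whose flow start times are too regular.

    The coefficient of variation (stdev / mean) of the inter-arrival times is the
    classic beacon signature: a host phoning home on a timer has a CV near zero,
    while human-driven traffic scatters widely.  Returns a dict of stats per pair.
    """
    by_peer = defaultdict(list)
    for f in flows:
        if is_internal(f["server"]):
            continue
        key = (f["client"], f["server"], f["server_port"])
        by_peer[key].append((datetime.fromisoformat(f["first_seen"]), f["bytes_out"]))

    beacons = {}
    for key, events in by_peer.items():
        if len(events) < min_flows:
            continue
        events.sort(key=lambda e: e[0])
        gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(events, events[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            beacons[key] = {
                "flows": len(events),
                "mean_interval_s": avg,
                "cv": cv,
                "bytes_out": sum(b for _, b in events),
                # The ATT&CK techniques this page maps the behaviour to.
                "attack": ["T1071", "T1041"],
            }
    return beacons


def nft_block_rules(beacons, iot_iface="vlan50"):
    """Render nft commands dropping each flagged pair on the IoT VLAN interface.

    Assumes an existing 'inet filter' table with a 'forward' chain on the
    gateway; the interface name is an assumption for the lab's IoT VLAN.
    """
    return [
        f'nft add rule inet filter forward iifname "{iot_iface}" '
        f"ip saddr {client} ip daddr {server} tcp dport {port} "
        f'counter log prefix "iot-c2-block " drop'
        for client, server, port in sorted(beacons)
    ]


if __name__ == "__main__":
    hits = find_beacons(SAMPLE_FLOWS)
    for pair, stats in hits.items():
        print(pair, stats)
    print("\n".join(nft_block_rules(hits)))
```

The regularity test is deliberately simple: real C2 frameworks add jitter and sleep skew, so in practice raise max_cv, look at byte-count regularity as well, and corroborate with the flow's nDPI protocol classification and TLS fingerprint in ntopng before committing a block rule. Blocking the pair on the VLAN interface rather than only on the device keeps the rule effective if the device changes address.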

Enterprise SIEM Deployment - Wazuh Security Monitoring

Challenge

Home lab infrastructure lacked centralized security monitoring, log aggregation, and incident detection capabilities across multiple endpoints and virtualized environments.

Approach

Deployed Wazuh SIEM platform to provide real-time security monitoring, log analysis, and compliance reporting for virtualized environment running on Proxmox.

Solution

  • Installed Wazuh Manager, Indexer, and Dashboard on Ubuntu 25.10 server
  • Deployed Wazuh agents on multiple endpoints (Kali Linux, Parrot Security, Ubuntu)
  • Configured custom security rules for SSH brute force detection
  • Implemented privilege escalation monitoring
  • Integrated syslog collection from network devices
  • Created alerting workflows for critical security events
  • Configured compliance monitoring (PCI-DSS, GDPR frameworks)
Tags: Wazuh SIEM, OpenSearch, Log Analysis, Compliance Monitoring, Ubuntu Server, Docker
Outcome: Centralized security visibility across infrastructure with real-time threat detection, automated alerting, and compliance reporting capabilities.
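
The correlation behind the SSH brute-force rule, written out as an added Python example rather than Wazuh rule XML; this is not Wazuh's code. It reads constructed sshd syslog lines (no real host or account), assumes the year 2025 for the year-less syslog timestamps, and uses the same frequency/timeframe/same-source shape that Wazuh's stock sshd rules express, with 8 failures from one source within 120 seconds as an assumed threshold to tune locally.

```python
"""Sliding-window SSH brute-force correlation over sshd syslog lines.

Added example (not Wazuh code): the frequency / timeframe / same-source logic
a SIEM rule expresses, written out so the window handling is visible.
"""
import json
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in rsyslog's default format; no real host or user.
SAMPLE_AUTH_LOG = """\
Jan 15 03:00:01 lab-ubuntu sshd[1201]: Failed password for invalid user admin from 10.0.0.77 port 51234 ssh2
Jan 15 03:00:03 lab-ubuntu sshd[1203]: Failed password for invalid user test from 10.0.0.77 port 51236 ssh2
Jan 15 03:00:05 lab-ubuntu sshd[1205]: Failed password for root from 10.0.0.77 port 51238 ssh2
Jan 15 03:00:07 lab-ubuntu sshd[1207]: Failed password for root from 10.0.0.77 port 51240 ssh2
Jan 15 03:00:09 lab-ubuntu sshd[1209]: Failed password for invalid user oracle from 10.0.0.77 port 51242 ssh2
Jan 15 03:00:11 lab-ubuntu sshd[1211]: Failed password for invalid user pi from 10.0.0.77 port 51244 ssh2
Jan 15 03:00:13 lab-ubuntu sshd[1213]: Failed password for root from 10.0.0.77 port 51246 ssh2
Jan 15 03:00:15 lab-ubuntu sshd[1215]: Failed password for invalid user ubuntu from 10.0.0.77 port 51248 ssh2
Jan 15 03:00:17 lab-ubuntu sshd[1217]: Failed password for root from 10.0.0.77 port 51250 ssh2
Jan 15 03:00:20 lab-ubuntu sshd[1219]: Accepted publickey for alice from 192.168.10.5 port 40112 ssh2: ED25519 SHA256:abc
Jan 15 03:02:00 lab-ubuntu sshd[1301]: Failed password for alice from 192.168.10.5 port 40120 ssh2
Jan 15 03:02:30 lab-ubuntu sshd[1303]: Failed password for alice from 192.168.10.5 port 40122 ssh2
Jan 15 03:04:00 lab-ubuntu sshd[1305]: Accepted password for alice from 192.168.10.5 port 40124 ssh2
"""

# syslog timestamps carry no year; assumed here for the sample.
LOG_YEAR = 2025

FAILED_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?P<invalid>invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+ ssh2$"
)


def parse_failures(text):
    """Yield (timestamp, src_ip, user, is_invalid_user) per sshd failure line."""
    for line in text.splitlines():
        m = FAILED_RE.match(line)
        if m is None:
            continue  # accepted logins and unrelated lines are not failures
        ts = datetime.strptime(f"{LOG_YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield ts, m["src"], m["user"], m["invalid"] is not None


def correlate_bruteforce(text, frequency=8, timeframe_s=120):
    """Alert when `frequency` failures from one source fall inside `timeframe_s`.

    One sliding window per source IP.  The window is cleared after an alert so a
    sustained attack produces one alert per `frequency` failures rather than one
    per log line; the thresholds are assumptions to tune for the environment.
    """
    windows = defaultdict(deque)
    alerts = []
    for ts, src, user, invalid in parse_failures(text):
        win = windows[src]
        win.append((ts, user, invalid))
        # Drop entries older than the timeframe; the entry just added keeps the
        # window non-empty, so this loop always terminates.
        while (ts - win[0][0]).total_seconds() > timeframe_s:
            win.popleft()
        if len(win) >= frequency:
            alerts.append({
                "level": 10,
                "description": "sshd: brute force from a single source IP",
                "srcip": src,
                "first_seen": win[0][0].isoformat(),
                "last_seen": ts.isoformat(),
                "attempts": len(win),
                "users": sorted({u for _, u, _ in win}),
                "invalid_users": sum(1 for _, _, inv in win if inv),
                "mitre": ["T1110.001"],  # Brute Force: Password Guessing
            })
            win.clear()
    return alerts


if __name__ == "__main__":
    for alert in correlate_bruteforce(SAMPLE_AUTH_LOG):
        print(json.dumps(alert, indent=2))
```

In Wazuh the same thing is a rule in local_rules.xml carrying frequency and timeframe attributes, an if_matched_sid pointing at the sshd authentication-failure rule, and same_source_ip. What the script makes explicit is the reset after an alert: without it a single sustained attack fires on every subsequent line, which is how a home-lab dashboard ends up with thousands of identical alerts from one scanner. The user list in the alert also separates credential-stuffing against real accounts from blind username guessing, which matters when deciding whether an account needs attention.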

Enterprise-Grade Home Lab Security Infrastructure

Challenge

Build professional cybersecurity testing environment supporting offensive/defensive security research, vulnerability analysis, and continuous skill development.

Solution

  • Deployed Proxmox VE hypervisor on bare-metal server
  • Configured multiple VMs: Kali Linux (penetration testing), Ubuntu Server (services), Parrot Security (OSINT/forensics)
  • Implemented network segmentation with VLANs for isolated testing environments
  • Deployed Docker containers: ntopng (network monitoring), Pi-hole (DNS filtering), Plex (media server)
  • Integrated Snort IDS for network intrusion detection
  • Configured Wazuh agents for endpoint monitoring
  • Established secure remote access via WireGuard VPN
Tags: Proxmox VE, Virtualization, Docker, Kali Linux, Snort IDS, Network Segmentation, ntopng
Outcome: Fully functional cybersecurity lab environment supporting TryHackMe challenges, vulnerability research, penetration testing practice, and security tool evaluation.

AI-Augmented Penetration Testing Workstation

Challenge

Modern cybersecurity requires rapid research, code analysis, and documentation. Build AI-integrated security workstation to enhance efficiency without compromising operational security.

Solution

  • Integrated Claude Code (Anthropic) for code analysis and documentation
  • Deployed Google Gemini API for threat intelligence research
  • Configured Ollama (local LLM) for offline analysis of sensitive data
  • Built custom workflows on Parrot Security OS
  • Implemented air-gapped analysis environment for sensitive operations
  • Created documentation templates for security assessments
Tags: Claude Code, Google Gemini, Ollama, Parrot Security, AI Integration, Automation
Outcome: Enhanced productivity for security research, vulnerability analysis, and technical documentation while maintaining operational security through local AI processing for sensitive data.

Technical Skills & Tools

Security Tools

  • Wazuh SIEM
  • Snort IDS
  • ntopng (Network Monitoring)
  • Nmap (Network Scanning)
  • Wireshark (Packet Analysis)
  • Metasploit Framework
  • Burp Suite
  • Nessus (Vulnerability Scanning)

Infrastructure

  • Proxmox VE (Virtualization)
  • Docker & Containerization
  • Linux (Ubuntu, Kali, Parrot)
  • Windows Server
  • Network Segmentation (VLANs)
  • Firewall Configuration
  • VPN (WireGuard, OpenVPN)
  • Cloud Security (AWS basics)

Frameworks & Standards

  • MITRE ATT&CK Framework
  • NIST Cybersecurity Framework
  • CIS Benchmarks
  • OWASP Top 10
  • PCI-DSS Compliance
  • HIPAA Security Rule
  • DoD 8570/8140
  • Incident Response Methodology

View Complete Portfolio on GitHub

Explore detailed project writeups, lab configurations, and security research on my GitHub portfolio.
