This repository contains a collection of practical projects completed for the Advanced Network Security course.
The projects focus on network forensics, threat analysis, phishing investigations, DNS abuse, beacon detection, and other security-centric case studies.
Each subproject is organized in its own folder and includes:
- a dedicated
README.mdwith project details, - source code under
src/when applicable, - solution scripts under
scripts/when applicable, - supporting artifacts such as reports, datasets, or helper utilities.
| Project | Title | Description |
|---|---|---|
| project-01 | Phishing Post-Mortem Analysis | Forensic reconstruction of a phishing campaign, including URL analysis, JavaScript reverse engineering, and credential exfiltration tracing. |
| project-02 | C2 - The Ground Truth Detective | Cross-correlation of NetFlow, DHCP, EDR, and TLS fingerprints to reconstruct the ground truth of an intrusion. |
| project-03 | Beacon Analysis | Detection and attribution of periodic beaconing behavior using network flow, DNS, DHCP, and ASN data. |
| project-04 | 0-RTT Replay | Exploitation of a 0-RTT replay vulnerability in a ticket-based fast reconnect protocol with missing replay protection. |
| project-05 | Silent Jammer (Selective Jamming) | Implementation of a high-precision link-layer attack targeting ACK frames in a simulated RF environment, bypassing interference detection mechanisms. |
| project-06 | DNS Cache Timing Side-Channel | Detection of a DNS cache timing oracle by probing candidate domains and inferring the hot cached domain through response-time differences. |
| project-07 | DNS Transaction Insight | Automated mapping of DNS transactions to identify cached vs. uncached domains by analyzing Round-Trip Time (RTT) and transaction ID patterns. |
| project-08 | Coming Soon | Placeholder for the next subproject. |
| project-09 | Coming Soon | Placeholder for the next subproject. |
| project-10 | Coming Soon | Placeholder for the final subproject. |