╔══════════════════════════════════════════════════════════════════════════╗
║ ║
║ ██╗██████╗ ██████╗ █████╗ ██╗ ██╗██╗███╗ ███╗ ║
║ ██║██╔══██╗██╔══██╗██╔══██╗██║ ██║██║████╗ ████║ ║
║ ██║██████╔╝██████╔╝███████║███████║██║██╔████╔██║ ║
║ ██║██╔══██╗██╔══██╗██╔══██║██╔══██║██║██║╚██╔╝██║ ║
║ ██║██████╔╝██║ ██║██║ ██║██║ ██║██║██║ ╚═╝ ██║ ║
║ ╚═╝╚═════╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═╝╚═╝╚═╝ ╚═╝ ║
║ ║
║ [ BLUE TEAM OPERATOR | SOC ANALYST ] ║
║ ║
╚══════════════════════════════════════════════════════════════════════════╝
┌──[ibu-cyx0@soc-workstation]─[~]
└─$ cat profile.txt
Name : Mohamed Ibrahim H
Role : Aspiring SOC Analyst
Location : Tamil Nadu, India
Focus : Blue Team | Threat Detection
Status : 🟢 Actively Hunting Threats
Certifications:
✅ EC-Council Certified SOC Analyst (CSA)
✅ Splunk Core Certified User
✅ Cisco Cyber Ops Associate
Mission : Defend systems before attackers find the door open.
🛡️ Security Operations
📡 SIEM & Tools
SIEM : Splunk · Wazuh · ELK Stack
Network : Wireshark · Nmap · Tcpdump
Threat : MISP · AlienVault OTX · AbuseIPDB
Defense : pfSense · Snort · Suricata
IAM : Active Directory · Zero Trust
💻 Development
Primary : Python (Security Automation)
Scripts : PowerShell · Bash
APIs : REST · Flask · Splunk REST
Version : Git · GitHub
Infra : Docker · Ansible
🌐 Networking
| Certification | Issuer | Domain |
|---|---|---|
| 🏆 Certified SOC Analyst (CSA) | EC-Council | SOC Operations |
| 🏆 Core Certified User | Splunk | SIEM & Log Analysis |
| 🏆 Cyber Ops Associate | Cisco | Network Security |
🔥 Project 1 — CTI Automation Platform [ FLAGSHIP ]
Automated Cyber Threat Intelligence Pipeline
┌─ ARCHITECTURE ──────────────────────────────────────┐
│                                                     │
│  AlienVault OTX ──┐                                 │
│  AbuseIPDB ───────┼──► IOC Collector ──► Splunk     │
│  URLhaus ─────────┘      (Python)       Correlator  │
│                                            │        │
│                      Live Dashboard ◄──────┘        │
└─────────────────────────────────────────────────────┘
Stack: Python · Splunk REST API · AlienVault OTX · AbuseIPDB · URLhaus · Docker
Key Achievements:
- 🔗 Multi-feed IOC collection with automatic deduplication
- 🔍 Splunk log correlation via REST API for real-time IOC matching
- 📊 Live dark-themed dashboard with threat origin heatmap
- ⚡ Auto-severity classification: CRITICAL / HIGH / MEDIUM / LOW
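The pipeline above in miniature, as an added example written for this page (it is not the project's own source): three constructed feed records are normalised and deduplicated into one indicator table, each indicator gets a severity from a constructed rule (corroboration across feeds plus an AbuseIPDB-style confidence score; the thresholds are assumptions), and the table is correlated against a few constructed log lines standing in for the Splunk search the project runs over the REST API.

```python
"""Added example: IOC collection with deduplication, severity classification and
log correlation. Illustrative code for this profile page, not the CTI platform's
own code. Feed records, log lines and thresholds are constructed placeholders."""
from dataclasses import dataclass, field
import re

# Constructed feed output, shaped loosely like the three feeds the project pulls.
# Real OTX / AbuseIPDB / URLhaus responses differ; these are stand-ins.
FEED_RECORDS = [
    {"source": "otx",       "type": "ip",     "value": "203.0.113.10"},
    {"source": "abuseipdb", "type": "ip",     "value": "203.0.113.10", "confidence": 95},
    {"source": "abuseipdb", "type": "ip",     "value": "198.51.100.7", "confidence": 40},
    {"source": "urlhaus",   "type": "url",    "value": "http://bad.example/payload.exe"},
    {"source": "otx",       "type": "domain", "value": "BAD.EXAMPLE."},   # same domain, different form
    {"source": "urlhaus",   "type": "domain", "value": "bad.example"},
]

@dataclass
class Indicator:
    ioc_type: str
    value: str
    sources: set = field(default_factory=set)
    confidence: int = 0   # highest AbuseIPDB-style score seen; 0 if no feed gave one

def normalise(ioc_type, value):
    """Canonical form so the same indicator from different feeds collapses to one key."""
    value = value.strip()
    if ioc_type == "domain":
        return value.lower().rstrip(".")
    return value

def collect(records):
    """Merge feed records into one deduplicated table keyed by (type, value),
    remembering every feed that reported the indicator."""
    table = {}
    for rec in records:
        key = (rec["type"], normalise(rec["type"], rec["value"]))
        ind = table.setdefault(key, Indicator(*key))
        ind.sources.add(rec["source"])
        ind.confidence = max(ind.confidence, rec.get("confidence", 0))
    return table

def severity(ind):
    """Constructed severity rule (example thresholds, not the project's): being
    reported by several feeds and a high abuse confidence push the level up."""
    if len(ind.sources) >= 2 and ind.confidence >= 90:
        return "CRITICAL"
    if len(ind.sources) >= 2 or ind.confidence >= 75:
        return "HIGH"
    if ind.confidence >= 25 or ind.ioc_type == "url":
        return "MEDIUM"
    return "LOW"

# Constructed log lines in a simple key=value shape; a stand-in for SIEM events.
LOG_LINES = [
    "src=10.0.0.5 dst=203.0.113.10 action=allowed",
    "src=10.0.0.9 dst=192.0.2.44 action=allowed",
    "query=bad.example. src=10.0.0.5",
    "query=www.example.org src=10.0.0.7",
]

IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DOMAIN_RE = re.compile(r"query=([A-Za-z0-9.-]+)")

def correlate(table, lines):
    """Return (line_number, severity, indicator) for every log line that touches a
    known IOC. The project does this with a Splunk search; here it is in-memory."""
    hits = []
    for n, line in enumerate(lines, 1):
        candidates = [("ip", ip) for ip in IP_RE.findall(line)]
        candidates += [("domain", normalise("domain", d)) for d in DOMAIN_RE.findall(line)]
        for key in candidates:
            if key in table:
                hits.append((n, severity(table[key]), key[1]))
    return hits

if __name__ == "__main__":
    table = collect(FEED_RECORDS)
    for (ioc_type, value), ind in table.items():
        print(f"{severity(ind):8} {ioc_type:6} {value:35} sources={sorted(ind.sources)}")
    for hit in correlate(table, LOG_LINES):
        print("MATCH line %d [%s] %s" % hit)
```

Six feed records collapse to four indicators; the IP seen by both OTX and AbuseIPDB with a 95 score comes out CRITICAL, and the two log lines touching known indicators are the only matches.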
🤖 Project 2 — AI SOC Alert Triage System [ ML ]
ML-Based False Positive Reduction for SOC Analysts
Raw Alerts ──► Feature Extraction ──► Random Forest ──► Verdict
(SIEM/IDS)     [10 security           Classifier        TP → Escalate Tier 2
                features]             100% Accuracy     FP → Auto-Close
                                      AUC: 1.0000
Stack: Python · scikit-learn · pandas · numpy · Splunk
Key Achievements:
- 🌲 Random Forest trained on 2000 labeled SOC alert samples
- ⚡ Real-time alert classification with confidence scoring
- 📉 100% false positive reduction on test dataset
- 📊 Live triage dashboard with confusion matrix & feature importance
🏠 Project 3 — SOC Home Lab [ SIEM ]
Log Analysis & Threat Detection Lab
Stack: Splunk · Wazuh · VirtualBox · Python
Key Achievements:
- 📋 Monitored and correlated security logs across Splunk + Wazuh
- 🚨 Created custom alert rules for brute force detection
- 🔍 Investigated suspicious login attempts and anomalous behaviour
- 🖥️ Simulated real SOC monitoring workflows
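The brute-force rule from the lab, expressed as a small detection over sample auth log lines. This is an added example written for this page, not the lab's actual Wazuh or Splunk rule; the sshd-style log lines, the failure threshold and the time window are constructed. It also raises a second alert when a login succeeds from a source that already tripped the rule, the follow-up an analyst would want on the same event stream.

```python
"""Added example: sliding-window brute-force detection over constructed sshd-style
auth log lines. Illustrative code for this page, not the home lab's real rule."""
from collections import defaultdict, deque
from datetime import datetime, timedelta
import re

# Constructed sample log. 198.51.100.23 fails five times in six seconds and then
# logs in; 10.0.0.12 has two failures half an hour apart, which should not alert.
SAMPLE_AUTH_LOG = """\
2025-03-01T10:00:01 sshd[101]: Failed password for invalid user admin from 198.51.100.23 port 50001 ssh2
2025-03-01T10:00:03 sshd[102]: Failed password for root from 198.51.100.23 port 50002 ssh2
2025-03-01T10:00:04 sshd[103]: Failed password for root from 198.51.100.23 port 50003 ssh2
2025-03-01T10:00:06 sshd[104]: Failed password for root from 198.51.100.23 port 50004 ssh2
2025-03-01T10:00:07 sshd[105]: Failed password for root from 198.51.100.23 port 50005 ssh2
2025-03-01T10:00:09 sshd[106]: Accepted password for root from 198.51.100.23 port 50006 ssh2
2025-03-01T10:01:00 sshd[107]: Failed password for alice from 10.0.0.12 port 40001 ssh2
2025-03-01T10:30:00 sshd[108]: Failed password for alice from 10.0.0.12 port 40002 ssh2
2025-03-01T10:30:05 sshd[109]: Accepted password for alice from 10.0.0.12 port 40003 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def parse(line):
    """Pull timestamp, outcome, user and source IP out of one line; None if it is
    not a password-auth event."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {"ts": datetime.fromisoformat(m["ts"]), "result": m["result"],
            "user": m["user"], "ip": m["ip"]}

def detect_brute_force(lines, threshold=5, window=timedelta(minutes=1)):
    """Alert once per source IP when `threshold` failures land inside `window`
    (example values); a later successful login from a source that already
    alerted is raised separately as a possible compromise."""
    failures = defaultdict(deque)   # ip -> timestamps of recent failures
    alerted = set()
    alerts = []
    for raw in lines:
        ev = parse(raw)
        if ev is None:
            continue
        recent = failures[ev["ip"]]
        if ev["result"] == "Failed":
            recent.append(ev["ts"])
            while recent and ev["ts"] - recent[0] > window:   # drop failures outside the window
                recent.popleft()
            if len(recent) >= threshold and ev["ip"] not in alerted:
                alerted.add(ev["ip"])
                alerts.append(("BRUTE_FORCE", ev["ip"], len(recent)))
        elif ev["ip"] in alerted:
            alerts.append(("SUCCESS_AFTER_BRUTE_FORCE", ev["ip"], ev["user"]))
    return alerts

if __name__ == "__main__":
    for alert in detect_brute_force(SAMPLE_AUTH_LOG.splitlines()):
        print(alert)
```

The window is evaluated per source rather than globally, so the slow pair of failures from 10.0.0.12 never accumulates, while the burst from 198.51.100.23 alerts on the fifth failure and again when the following login succeeds.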
🌐 Project 4 — Network Traffic Analysis [ NETWORK ]
Deep Packet Inspection & Protocol Forensics
Stack: Wireshark · Python · Scapy
Key Achievements:
- 📦 Captured and analyzed live network traffic using Wireshark
- 🔬 Investigated HTTP, DNS, TCP protocols for anomalies
- 🚩 Identified suspicious traffic behaviour and C2 patterns
- 📝 Produced packet-level incident investigation reports
[2026] ── Building Zero Trust Network Simulation Lab ............. [ COMPLETE ✓ ]
[2026] ── CTI Automation Platform (OTX + AbuseIPDB + URLhaus) ... [ COMPLETE ✓ ]
[2026] ── AI SOC Alert Triage System (Random Forest ML) ......... [ COMPLETE ✓ ]
[2026] ── EC-Council Certified SOC Analyst (CSA) ................ [ CERTIFIED ✓ ]
[2025] ── Splunk Core Certified User ............................ [ CERTIFIED ✓ ]
[2025] ── Cisco Cyber Ops Associate ............................. [ CERTIFIED ✓ ]
[2025] ── SOC Home Lab (Splunk + Wazuh) ......................... [ COMPLETE ✓ ]
[2025] ── Network Traffic Analysis (Wireshark) .................. [ COMPLETE ✓ ]
[2024] ── B.E. Cyber Security — Paavai Engineering College ....... [ ONGOING ⟳ ]
