Skip to content
View omarbabba779xx's full-sized avatar

Highlights

  • Pro

Block or report omarbabba779xx

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
omarbabba779xx/README.md

Omar Babba

Élève Ingénieur en Cybersécurité — SOC Junior | Detection Engineering

Tangier, Morocco

4th-year Computer Science & Networks engineering student at EMSI Tanger, focused on defensive security, SOC operations, and detection engineering. Projects centered on SIEM/SOAR, Sigma rules, MITRE ATT&CK, alert triage, log analysis and incident response — with a side specialization in blockchain security.

LinkedIn Email GitHub


Education

Cycle Ingénieur — Informatique et Réseaux · EMSI (École Marocaine des Sciences de l'Ingénieur), Tanger · 2022 – Present

  • Web/mobile security: OWASP Top 10, SQLi/XSS, APK analysis, root detection, InsecureBank/InsecureShop
  • VPN & monitoring: IPsec/IKE, OpenVPN, WireGuard, Wireshark, SNMP/Syslog, Zabbix, Prometheus
  • Incident & intrusion: SIEM/SOC, Windows/Linux logs, Sigma, MITRE ATT&CK, triage, SEC555 methodology

Experience

Cybersecurity Awareness Internship · Amendis Tangier (Groupe Veolia) · August 2025

  • Delivered fundamentals training: CIA triad, user-side risk, phishing, security best practices
  • Exposure to SCADA environments, the Riot platform, and GLPI for inventory/operational tracking
  • Ran a phishing simulation — measurable drop in click-through rate after awareness training

Projects

SOC, SIEM & Detection Engineering

  • Full-stack SOC platform with OCSF ingestion
  • 4,000+ Sigma/MITRE/Elastic rules with ATT&CK coverage mapping
  • Analyst workflows, coverage scoring, rule validation

SOC SIEM Sigma MITRE ATT&CK Python Docker

MITRE ATT&CK Detection Validation

  • Lab-safe framework covering 22 ATT&CK TTPs
  • APT29 / FIN7 / Lazarus / APT41 emulation profiles
  • Reproducible JSONL SIEM traces to test alert coverage and improve Sigma rules

MITRE ATT&CK SIEM Sigma APT Docker

Blockchain Security Audit

  • Fabric + Polygon: private prescriptions, Node.js bridge, Solidity smart contract
  • Smart contract audit: 19 findings remediated, reentrancy guard added
  • CI security pipeline with Slither / Semgrep / Gitleaks

Blockchain Security Solidity Slither Semgrep Gitleaks


Skills

Area Details
SOC & Detection Engineering SIEM/SOAR, Sigma, MITRE ATT&CK, OCSF, SOC use cases, alert triage, log analysis
Incident & Intrusion Management Preparation, triage, containment, eradication, recovery, EVTX, auditd, Zeek
Network Security, VPN & Monitoring IPsec/IKE, OpenVPN, WireGuard, GRE, OSPF, SNMP, NetFlow/sFlow, Wireshark, Zabbix
Web & Mobile Security OWASP Top 10, SQLi/XSS, access control, session security, APK analysis, root detection
Blockchain Security & Smart Contracts Ethereum, Solidity, smart contracts, ERC-20/ERC-721, PoW/PoS, Slither, Semgrep, Gitleaks

GitHub Activity


Languages: French (Advanced) · English (Advanced) · Arabic (Native)

Open to SOC analyst / detection engineering internships — reach out via LinkedIn or email above.

Pinned Loading

  1. CyberTwin-SOC-v2 CyberTwin-SOC-v2 Public

    Full-stack SOC platform — 4 400+ detection rules (SigmaHQ + MITRE CAR + Elastic), 622 ATT&CK techniques + MITRE ATLAS (AI/ML threats), agentless cloud posture (CSPM), adversary simulation, Stratus …

    Python

  2. Medichain-plus Medichain-plus Public

    Full-stack dual-blockchain platform for parametric pharmaceutical micro-insurance. Hospital issues Rx on Hyperledger Fabric 2.5 → pharmacy fills → USDC paid instantly on Polygon Amoy via Solidity s…

    JavaScript

  3. APT-Simulator APT-Simulator Public

    Defensive ATT&CK emulation lab: 5,064 TTPs, 3,522 scenarios, 1,000 validated chains, 4 SIEM connectors, OIDC/JWKS RBAC, lab evidence registry, service-packaged agents, 25-area readiness, 8 enterpri…

    Python