Windows security investigation analyzing failed authentication attempts using Event Viewer and Event ID 4625.
Updated
Apr 30, 2026
CySA+ / SOC Analyst portfolio project with practice scenarios, detection logic, and a React based SOC simulator
SOC-style phishing incident investigation analyzing a multi-vector job scam campaign. Performed email header analysis, URL inspection, and IOC extraction; mapped attack techniques to MITRE ATT&CK and documented findings with remediation and responsible disclosure.
Artifact designed to shift the surface of action toward the operational representation of a defensive system. No exploitation, no persistence. Cognitive space as the terrain. What ceases to be observed during qualification is the space in which it operates.
Network traffic investigation using Wireshark to analyze HTTP traffic and identify network communication patterns.
SOC alert investigations, SIEM practice labs, and incident analysis exercises completed on LetsDefend.
Network traffic investigation using Wireshark to analyze DNS, TCP, TLS and HTTP traffic.
Investigated suspicious Microsoft 365 sign-in activity using portal triage and containment actions such as session revocation and stronger authentication, then validated remediation and practiced structured KQL hunting patterns with Azure Monitor Logs demo data.
Enterprise security homelab simulating Active Directory, SIEM operations, threat detection, and internal attack scenarios in a virtualised on-prem environment.
A Microsoft Sentinel SOC homelab in Azure, where I built and validated a basic cloud SOC workflow: data onboarding, detection, investigation, and visualization. It demonstrates practical blue-team skills in SIEM operations, KQL-based threat hunting, watchlist enrichment, and workbook reporting.
This repository is a structured, research-driven documentation of my journey...
AI-assisted SOC triage pipeline - real AD attack alerts fed through Claude API for automated Tier 1 analysis. Includes analyst dashboard, AI vs manual comparison, and documented hallucination found during failure testing.