// projects & research
Work
Security research, CTF challenges, penetration testing labs, and open-source tools.
Active Directory Attack & Defense Lab
Built a Windows Server 2022 domain with 50+ users, then executed a full attack kill chain: BloodHound enumeration, Kerberoasting, Pass-the-Hash, DCSync, and Golden Ticket. Every attack step documented for detection engineering and blue team correlation.
Web Application Pentest Portfolio
Full security audit of intentionally vulnerable web apps covering OWASP Top 10 — SQL injection, XSS, IDOR, broken authentication, CSRF, file upload bypass, and security misconfiguration. Detailed findings report with PoC and remediation.
Phishing Simulation Campaign
Designed and executed a simulated phishing campaign using GoPhish against a mock 30-user organization. Built credential-harvesting landing pages, crafted convincing pretexts, tracked click rates and credentials submitted, then wrote a post-campaign security awareness report.
OSINT Recon Automation Toolkit
Python toolkit for automated OSINT gathering — domain enumeration, subdomain discovery, email harvesting, social media footprinting, WHOIS correlation, and metadata extraction from documents. Outputs structured JSON reports.
SIEM Threat Detection Lab
Deployed ELK Stack + Sysmon across a home lab network and wrote 15+ custom detection rules mapped to MITRE ATT&CK. Detects lateral movement, credential dumping, PowerShell abuse, suspicious process injection, and C2 beacon patterns.
Incident Response Simulation
Full IR simulation on a compromised Windows environment: initial triage, memory acquisition with Volatility, disk forensics with Autopsy, Splunk log correlation, attack timeline reconstruction, and an executive-level incident report following NIST SP 800-61.
Malware Analysis Sandbox
Static and dynamic analysis of real malware samples in an isolated FlareVM environment. Reports include behavioral indicators, network IOCs, registry persistence mechanisms, custom YARA rules, and ATT&CK technique mapping.
Network Penetration Lab
Multi-VM home lab with intentionally vulnerable machines (Metasploitable, DVWA, VulnHub targets). Full-chain attack practice: host discovery, service enumeration, exploitation, privilege escalation, persistence, and lateral movement.
CTF Writeups & Challenge Reports
Documented solutions and methodologies from HackTheBox, TryHackMe, and TuronSec CTF competitions. Covers web exploitation, binary reverse engineering, forensics, steganography, and cryptography challenges with step-by-step walkthroughs.