Pinned Loading

1. nmap-wireshark-ssh-scp nmap-wireshark-ssh-scp Public

   This project successfully demonstrated how SSH and SCP work together to securely transfer files, how to capture and analyze encrypted SSH traffic in Wireshark, and how to troubleshoot unexpected be…

   Jupyter Notebook

2. wireshark-nmap-email wireshark-nmap-email Public

   This project analyzes the transmission of emails between two devices on the same network:

   Jupyter Notebook

3. ioc-22-web-shell-upload ioc-22-web-shell-upload Public

   This case demonstrates a classic but still deeply effective tactic: the use of an improperly validated file upload to implant a web shell. It wasn’t an exploit. It wasn’t a brute force attack. It w…

   Jupyter Notebook

4. ioc21-cradle-powershell ioc21-cradle-powershell Public

   This case, centered on a PowerShell download cradle, illustrates one of the most common but under-analyzed threats in modern enterprise environments.

   Jupyter Notebook

5. splunk-insider-threat-simulation1 splunk-insider-threat-simulation1 Public

   This project simulated the behavior of a malicious insider on a Windows 11 host to generate detectable telemetry for use in SIEM-based detection and host triage. The exercise focused on five core b…

   Jupyter Notebook

6. splunk-insider-threat-simulation2 splunk-insider-threat-simulation2 Public

   *This simulation captures core, widely observed attacker behaviors aligned with common enterprise intrusion patterns. From brute-force access to obfuscated execution, persistence, recon, and privil…

   Jupyter Notebook