Projects

These projects demonstrate hands-on SOC-style investigations, intrusion detection development, and structured incident response documentation using real-world datasets.
Real-Time NIDS Dashboard

Focus: Detection and alerting

Flask dashboard that displays real-time intrusion alerts with timestamps and severity.

What I learned: Turning raw alerts into clear, actionable notes.

Repo – Coming Soon | Writeup – Coming Soon

SOC Network Traffic Investigation

Focus: Malware PCAP Investigation

Conducted structured analysis of malware-related packet capture data to identify infected host, validate payload delivery, and extract actionable indicators of compromise (IOCs).

Included TLS inspection, HTTP artifact validation, and offline payload hashing in an isolated environment.

Repo | Writeup

Incident Response – NetSupport RAT

Focus: Command-and-Control Validation

Investigated NetSupport RAT activity using DNS analysis, TLS SNI validation, HTTP POST beaconing detection, and TCP stream inspection.

Correlated IDS alerts with packet-level evidence to confirm active C2 communication and assess impact.

Repo | Writeup

Project Structure

Each project includes:

The goal is to demonstrate structured investigative thinking aligned with SOC workflows.