While sitting in lectures, watching YouTube videos, and reading books to learn is great, nothing is better than getting hands-on experience. That is the goal of this page. Below you will find the projects I am currently working on to obtain the knowledge that goes beyond theory. These projects are ongoing and I intend to add more in the future!
The great thing about a homelab is you can do whatever you want with it and set it up however you like. Mine is constructed using two gaming laptops serving as the primary hardware. My virtualization software of choice is VirtualBox and I even have a virtual machine in the cloud through Microsoft Azure. A year ago I had no idea what this would become and I am happy to see how much I have progressed. I am continuing to add projects and will update my website as I bring them into production. To the right is a visual of my homelab I made with Draw.io.
Wazuh is an open source SIEM tool that I deployed on an Ubuntu server. My goal for this project is to mirror the responsibilities of a SOC Analyst and Cybersecurity Analyst. With the help of my friends, I placed an agent on their devices to ingest logs on my central console. For each client I have created vulnerability reports, assessed their security posture using the built-in CIS benchmarks tool, and investigated security incidents. This will be an ongoing project as I believe the success of it relies on consistency. I will continue to monitor their devices, and I intend to add more in the future.
This project has been my favorite thus far. The concept of a honeypot is integral to cybersecurity and has been something I wanted to do since I first learned about it. My step-by-step process is laid out in the Google Doc above. The honeypot in this project is an extremely vulnerable Windows 10 machine in Azure. All firewalls are off and all connections are accepted. It is currently up and running, waiting for hackers to break in. To the right of the Google Doc is a spreadsheet with 14,869 logged security incidents. I specifically filtered it to include failed login attempts. The attempted account name, along with their IP address, is also included. These logs were generated over the course of 12 hours and included login attempts from China, India, Estonia, and many more countries. I intend to build upon this project and improve my understanding of query languages such as KQL.
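An added example, not part of the original page or the author's project: one way to triage a failed-login export like the spreadsheet described above, grouping attempts by source IP and labelling the pattern each source shows. The column names, thresholds and sample rows are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample export (not the page's data). Column names are assumed.
# Source IPs come from the RFC 5737 documentation ranges.
SAMPLE_CSV = """\
timestamp,account,source_ip
2024-01-01T00:00:05Z,administrator,203.0.113.10
2024-01-01T00:00:09Z,Administrator,203.0.113.10
2024-01-01T00:00:14Z,administrator,203.0.113.10
2024-01-01T00:00:20Z,administrator,203.0.113.10
2024-01-01T00:00:27Z,administrator,203.0.113.10
2024-01-01T00:00:33Z,administrator,203.0.113.10
2024-01-01T03:12:01Z,admin,198.51.100.7
2024-01-01T03:12:02Z,user,198.51.100.7
2024-01-01T03:12:03Z,test,198.51.100.7
2024-01-01T03:12:04Z,guest,198.51.100.7
2024-01-01T09:40:10Z,administrator,192.0.2.44
2024-01-01T09:41:55Z,admin,192.0.2.44
"""

def summarize_failed_logins(csv_text, spray_accounts=3, brute_attempts=5):
    """Group failed logons by source IP and label each source's pattern."""
    per_ip = defaultdict(lambda: defaultdict(int))
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Windows account names are case-insensitive, so normalise them.
        account = row["account"].strip().lower()
        per_ip[row["source_ip"].strip()][account] += 1

    report = {}
    for ip, accounts in per_ip.items():
        top_account, top_count = max(accounts.items(), key=lambda kv: kv[1])
        if len(accounts) >= spray_accounts:
            pattern = "spray"        # many usernames tried from one source
        elif top_count >= brute_attempts:
            pattern = "brute_force"  # one username guessed repeatedly
        else:
            pattern = "low_volume"
        report[ip] = {"attempts": sum(accounts.values()),
                      "accounts": len(accounts),
                      "top_account": top_account,
                      "pattern": pattern}
    return report

if __name__ == "__main__":
    for ip, info in summarize_failed_logins(SAMPLE_CSV).items():
        print(ip, info)
```

The thresholds are starting points; on a 12-hour capture with thousands of rows they would be tuned against the observed per-source distribution.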
This project is my first exposure to a Vulnerability Scanner tool. The goal of the project is to discover vulnerabilities on a Windows 10 virtual machine using Nessus and attempt to remediate the vulnerabilities. This project will be continually ongoing and my progress is recorded in the above Google Doc. The documentation includes:
Vulnerabilities and their breakdown
The recommended remediations from Nessus
The actions taken to address vulnerabilities
Pre and Post scans showing progress
This project was inspired by YouTuber Josh Madakor, who walks through how to set up an Active Directory lab environment through VirtualBox. The above document outlines my process of setting up the Domain Controller, DHCP server, and creating users. My goal of the project is to become familiar with Active Directory and simulate an enterprise environment.
This was the capstone project for my Introduction to Networking course through Cisco's Netacad. I was given a network address and asked to complete the following tasks:
Create a variable length subnetting scheme for a business with multiple departments (Production, Wireless, Marketing, and Management)
Assign the IP addressing scheme to each department, providing ranges, and maintaining consistency for end-user devices
Using Packet Tracer, manually configure each switch, router, PC, and Server.
Requirements:
Router: enable IPv4/IPv6 routing, static routing, SSH, security of console, VTY, passwords, encryption, banner message, and preventing brute force attacks
Switch: VLAN, password, encryption, configure default gateway, security of console, VTY, and privileged exec mode
End Devices: assign IPv4 and IPv6 address, subnet mask, DNS, and default gateway
Ensure overall device connectivity by successfully pinging each device
Ensure capability of SSH on routers
Ensure DNS server functionality by accessing website