Cybersecurity-focused CMIS senior with hands-on experience in security tools. Dedicated to staying current with industry best practices and emerging threats.
Seeking a challenging cybersecurity role where I can leverage my analytical skills, meticulous attention to detail, and proactive threat detection capabilities. Committed to contributing to a collaborative team environment and expanding my cybersecurity expertise through continuous learning and growth.
| Skill | Tools Used |
|---|---|
| Hypervisors |   |
| Identity Providers |  |
| Skill | Tools Used |
|---|---|
| Server Operating Systems |   |
| Desktop Operating Systems | |
| Skill | Tools Used |
|---|---|
| Network Configuration (Lab Networks) |  |
| Skill | Tools Used |
|---|---|
| Scripting Languages |  |
| Skill | Tools Used |
|---|---|
| Phishing Analysis |   |
| Network Security Monitoring |    |
| Network Traffic Analysis | |
| Endpoint Security Monitoring |  |
| Endpoint Detection and Response |  |
| Log Analysis and Management |  |
| Security Information and Event Management (SIEM) | |
| Threat Intelligence |   |
| Digital Forensics |   |
| Incident Response | |
| Packet Capture and Flow Analysis | |
| Skill | Tools Used |
|---|---|
| Security Assessment Tools |      |
| Active Directory Penetration Testing |  |
| Web Application Penetration Testing | |
| Wireless Penetration Testing | Home Router, Wireless Adapter |
| Firewalls | |
- Security Operations (SOC) 101
- Open-Source Intelligence (OSINT) Fundamentals
- Practical Bug Bounty
- Practical Ethical Hacking
Participated in the "The King of Hackers" CTF challenge by Hacker Mentor, focusing on:
- Vulnerability scanning
- Exploitation techniques
- Flag capture
Challenge Faced:
One of the significant challenges I encountered was performing a vulnerability assessment on a WordPress site, a task I had not previously undertaken. Initially, I struggled with the tools and methodologies required for effective enumeration of WordPress vulnerabilities.
Solution:
To overcome this hurdle, I utilized Google dorking techniques to refine my search for specific vulnerabilities associated with WordPress. Additionally, I consulted resources on HackTricks, which provided valuable insights into common WordPress vulnerabilities and exploitation methods. By applying these techniques, I successfully identified vulnerabilities that allowed me to capture the flag.
Learnings:
This experience enhanced my practical application of security concepts and significantly improved my problem-solving skills, particularly in high-pressure scenarios typical of CTF challenges.
Project 1: Virtual Network Penetration Testing Lab
- Objective: Build a secure virtual lab for hands-on penetration testing.
- Environment: VirtualBox with multiple VMs, including a simulated Windows Server 2019 Active Directory; pfSense firewall for network segmentation.
- Focus Areas: Vulnerability assessment, network security, penetration testing, documentation, and reporting.
- Objective: Master advanced threat detection and response in an Active Directory environment.
- Tools & Techniques: Integrated Snort IDS, LimaCharlie EDR, and Splunk SIEM; applied NIST Incident Response Plan and MITRE ATT&CK frameworks.
- Focus Areas: Real-time threat detection, analysis, incident response, and comprehensive cybersecurity defense.