My background is in IT infrastructure, but I found my passion on the defensive side of security. I spend time in my home lab simulating attacks and digging through Windows Event Logs, Sysmon telemetry, and memory dumps to understand how things actually work under the hood.
Lately I've been focused on reconstructing attack timelines around techniques like persistence and privilege escalation using Elastic SIEM, Volatility, and Suricata. I also build Python tooling for log normalization, IOC extraction, and threat intel enrichment as a modular pipeline.
Recently graduated with my B.S. in Computer Information Technology from CSUN and currently deciding on a master's program in information security.
| Project | Focus | Stack | Status |
|---|---|---|---|
| Log Normalizer / IOC Extractor | Multi-format log parsing, IOC extraction, suspicious pattern flagging, structured JSON output | Python, argparse, re, python-evtx, rich | Complete |
| Threat Intel Enricher | IOC enrichment against VirusTotal and AbuseIPDB, verdict scoring, pipeline chaining via stdout | Python, requests, psycopg2 | Complete |
| SQL Security Lab | Dual-version Flask app demonstrating SQL injection vs parameterized queries, RBAC, row-level security | Python, Flask, PostgreSQL | Complete |
| Python Keylogger with C2 Server | AES-encrypted keystroke capture, HTTP POST to Flask C2, modular architecture with unit tests | Python, Flask, hashlib, pynput | Complete |
| Sysmon Detection Lab | MITRE ATT&CK simulation, Sigma rule authoring, alert correlation | Sysmon, Elastic SIEM, Wazuh | In Progress |
| Malware Analysis Lab | Static/dynamic analysis, memory forensics, IOC reporting | FLARE-VM, REMnux, Volatility, YARA | In Progress |
| Enterprise Active Directory Lab | Domain administration, incident simulation, GPO, bulk provisioning | Windows Server, PowerShell | Complete |
| Windows Internals Lab | Process analysis, system behavior documentation | Sysinternals, Sysmon, VirtualBox | In Progress |
Security Splunk · Elastic SIEM · Wazuh · Sysmon · Suricata · Wireshark · Volatility · Sysinternals · CyberChef
Detection Sigma Rules · MITRE ATT&CK · Alert Triage · IOC Extraction · Log Analysis · Threat Hunting
Python requests · argparse · hashlib · psycopg2 · pynput · python-evtx · re · Flask · pytest
Scripting Bash · PowerShell · SQL
OS Linux (Ubuntu, Kali, Fedora) · Windows 10/11 · Windows Server · macOS
Infrastructure VMware · VirtualBox · Proxmox · pfSense · Active Directory · Azure / Entra ID
B.S. Computer Information Technology · California State University, Northridge · 2026
A.S. Cybersecurity & Computer Programming · Los Angeles Mission College · 2023/2024
CompTIA Security+ · CompTIA CySA+ · ISC2 CC · HTB CDSA (In Progress)