I'm a security practitioner with hands-on experience across both offensive and defensive operations, from adversary emulation to incident response, threat hunting, and detection engineering. I work across environments ranging from small business to enterprise scale.
This portfolio documents my labs, research, tooling, and real-world writeups.

| Skill | Project |
|---|---|
| Threat Hunting & Intelligence (CTI) | Threat Hunts, CTI & POCs |
| Red Team Operations & C2 Infrastructure | C2 Labs & Deployment |
| Adversary Emulation | Adversary Simulations & IR Demos |
| Digital Forensics & Incident Response (DFIR) | DFIR Playbooks, Writeups & Cheatsheets |
| Vulnerability Assessment & Exploitation | Vuln Scanning & Patching Collection |
| Network Traffic Monitoring & Attack Detection | Snort Lab |
| Open Source Intelligence (OSINT) | OSINT Writeups |
| Endpoint Security (EDR) | Endpoint Security Collection |
| Web Application Security (OWASP Top 10) | OWASP Top 10 Box |
| SIEM & Detection Engineering | SIEM Query Building |
| Network Reconnaissance & Enumeration | In Progress |
| CrowdStrike Utilities & RTR | In Progress |

| Project | Description |
|---|---|
| CTF Writeups | Documented solutions and methodologies from Capture the Flag competitions |
| Canadian OSINT Toolbox | Curated OSINT resources and tooling tailored for Canadian investigations |
| Oops, I Dropped My Artifacts | Adversary emulation scenarios with artifact analysis and IR walkthroughs |
| OpenCTI Platform Deployment | Full deployment and SOC integration of OpenCTI for threat intel operationalization |
| SOAR Automated Workflows | Automated triage and response playbooks for faster SOC decision-making |
| RTR Scripts & Custom CS Queries | CrowdStrike Real-Time Response scripts and Falcon SIEM queries for forensic acquisition |
| Nessus Scanner Deployment | Passive vulnerability scanning setup and tuning for continuous asset coverage |
| Home Security Lab | Isolated attack/defend lab environment for research, training, and tool testing |
