Projects
View the tools and experiments that I'm working on.
ThreatPulse — Threat Intel Aggregator
A threat intelligence project that pulls indicators of compromise (IOCs) from multiple open-source feeds, deduplicates them, and enriches each entry with contextual metadata. Designed to give analysts a single pane of glass for fast IOC lookups during triage.
View on GitHub
SOC Lab Environment
A virtualized security operations lab built for hands-on detection engineering practice. Windows and Linux endpoints forward Sysmon and auditd telemetry to a Splunk SIEM, where scripted attack simulations from the Atomic Red Team library are used to test and tune detection rules end-to-end.
View on GitHub