🔍

ThreatPulse — Threat Intel Aggregator

A threat intelligence project that pulls indicators of compromise (IOCs) from multiple open-source feeds, deduplicates them, and enriches each entry with contextual metadata. Designed to give analysts a single pane of glass for fast IOC lookups during triage.

Python Threat Intel IOCs REST APIs
View on GitHub
🧪
Planned

SOC Lab Environment

A home lab I'm planning to build for hands-on detection engineering practice. The goal: stand up Windows and Linux endpoints forwarding Sysmon and auditd telemetry to a Splunk SIEM, then write and tune detection rules against scripted attack simulations from the Atomic Red Team library — exercising the full detect-validate-tune loop end-to-end.

Splunk Sysmon Atomic Red Team Home Lab
Coming soon