Portfolio — Fortify My Network

Real Work.
Real Results.

Hands-on labs, live client projects, and built platforms — organized by discipline.

// LAB 001
Snort IDS — Network Intrusion Detection
Snort | IDS/NIPS | Packet Analysis | Custom Rules
// Objective

Deployed Snort in Sniffer, Logger, and NIDS modes. Wrote custom detection rules for SSH brute-force, non-standard HTTP traffic, and ICMP anomalies. Analyzed pcap files with tcpdump and Wireshark to trace attack patterns.

// Key Findings

  • Detected SSH brute-force from 10.3.40.7 → port 22 (threshold: 5 attempts/60s)
  • Non-standard SSH traffic: 172.29.0.1 → 172.29.9.1
  • Suspicious HTTP GET from 10.3.40.16 → port 80
  • Custom rules written: ICMP, SSH, HTTP, DNS external request detection
  • Logs analyzed in ASCII and binary tcpdump format
// LAB 002
Azure Honeypot — SOC Home Lab
Microsoft Azure | Honeypot | VM | NSG | SOC
// Objective

Built a cloud-based Security Operations Center home lab on Microsoft Azure. Deployed a virtual machine configured as a honeypot to attract and log real-world attack traffic, with Azure Network Security Groups acting as the firewall layer.

// Architecture

  • Created Azure Subscription, Resource Group, and Virtual Network
  • Deployed Windows VM configured as an exposed honeypot
  • Configured Network Security Group rules to monitor inbound threats
  • Logged and analyzed attacker behavior patterns in real time
// LAB 003
Digital Forensics & Incident Response (DFIR)
DFIR | Autopsy | DLL Hijacking | NIST | Log Analysis
// Objective

Executed the full DFIR lifecycle from Preparation through Lessons Learned using the NIST Incident Response Framework. Investigated DLL hijacking, collected digital evidence, performed log analysis, and documented findings in structured incident reports.

// Skills Demonstrated

  • Identified DLL hijacking attack vector and lateral movement
  • Performed disk image analysis using Autopsy
  • Applied NIST IR Framework: Detect → Contain → Eradicate → Recover
  • Collected and preserved digital evidence per forensic chain-of-custody
  • Delivered incident report with root cause and remediation plan
// LAB 004
Malicious File Detection & Analysis
VirusTotal | ClamAV | Netstat | MD5 | Malware
// Objective

Investigated a suspicious executable using Netstat, VirusTotal, and ClamAV. Generated an MD5 hash for file identification, traced active network connections to malicious IPs, and proposed a full remediation strategy.

// Findings

  • Malicious file identified: file176.exe
  • Suspicious outbound connection to: 123.35.104.34
  • MD5 hash: f45a8b87e01fd9ef98cd1b7a2ea6b2a4c
  • Confirmed malicious via 42/68 VirusTotal engine flags
// LAB 005
Web Application Security — OWASP Top 10
OWASP | SQL Injection | XSS | Phishing | Pen Testing
// Objective

Explored all OWASP Top 10 vulnerability classes in a controlled lab environment. Demonstrated SQL injection, XSS, CSRF, and authentication flaws. Cloned a real login page to simulate a credential-harvesting phishing attack for awareness training.

// Techniques Practiced

  • SQL injection via form input — extracted database contents
  • Stored & reflected XSS payload injection
  • Login page cloning for phishing simulation (awareness training)
  • Identified broken authentication and session management flaws
// LAB 006
Threat Hunting & OSINT Intelligence
Threat Hunting | OSINT | Hypothesis-Driven | APT
// Objective

Applied hypothesis-driven threat hunting methodology to proactively detect hidden adversaries in a simulated environment. Used OSINT tools and intelligence sources to build threat profiles and distinguish known vs. unknown attack patterns.

// Methodology

  • Built structured threat hunting hypotheses from intel feeds
  • Used OSINT to map attacker infrastructure and TTPs
  • Distinguished APT behavior from normal user traffic
  • Documented findings using MITRE ATT&CK framework alignment
// LAB 007
Linux System Administration & Security
Linux | SELinux | Permissions | Bash | 14 Labs
// Objective

Completed 14 hands-on Linux labs covering file system management, user permissions, process control, networking commands, and Security-Enhanced Linux (SELinux). Built a master command reference used across all subsequent security labs.

// Skills Covered

  • File & directory management, vi/nano/vim editors
  • User/group permissions, sudo, chown, chmod
  • SELinux modes: Enforcing, Permissive, Disabled
  • Networking: tcpdump, netstat, ss, curl, wget
  • Grep, piping, regex for log analysis and forensics
HTML/CSS | Live | Deployed
FortifyMyNetwork.com

Full custom business website for Fortify My Network. Dark-themed, mobile-responsive single-page application with animated hero, service pillars, pricing, project portfolio, and integrated contact form.

→ VISIT SITE
Web App | Exam Prep | Live
SecurityPlusSimulator.com

A dedicated CompTIA Security+ SY0-701 exam prep platform. Features domain-by-domain question banks, timed practice exams, and real exam-style questions built by a certified security professional.

→ VISIT SITE
HTML/CSS | Live | Business
FortifyMyNetwork.tech

Extended web presence for Fortify My Network on the .tech domain. Clean, professional landing page reinforcing the brand identity for the cybersecurity and IT services business.

→ VISIT SITE
// PLATFORM
SecurityPlusSimulator.com
CompTIA | SY0-701 | 5 Domains | Live Platform

Built by a certified security professional who passed the SY0-701 exam. A full exam simulation platform with real question banks, timed exams, and domain-specific drills — built for people who want to pass, not just study.

Visit SecurityPlusSimulator.com →

// What's Inside

  • All 5 SY0-701 exam domains covered in depth
  • Domain-by-domain question banks
  • Timed full practice exams
  • Real exam-style question format
  • Written by someone who took the same exam
  • Built on top of CompTIA Security+ study notes