Skip to content

MgnCoding2020/Cybersecurity-Monitoring-Lab

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Cybersecurity Monitoring & Investigation Lab

I am building a virtualized lab environment using Hyper-V and Windows 10 Pro to bridge the gap between theory and practice. This project serves as a hands-on application of the networking and security principles I’ve studied through CompTIA Network+, Security+, and TryHackMe labs.

In this repository, I document my experience with:

  • Security Monitoring: Establishing a baseline for system activity.
  • Event Log Investigation: Identifying and tracing suspicious behavior within Windows environments.
  • Network Traffic Analysis: Capturing and inspecting packets to understand communication flows.
  • Vulnerability Scanning: Identifying weaknesses and assessing system risks.

Tools & Technologies

To facilitate data collection and analysis, I am utilizing:

  • Sysmon: For advanced host-level logging and monitoring.
  • Wireshark & Nmap: For network discovery and deep packet inspection.
  • Nessus: For automated vulnerability assessments.

Lab Artifacts

This lab generates the following outputs for analysis:

  • Windows Event Logs (.evtx) (.xml)
  • Packet Captures (.pcap)
  • Vulnerability Reports (PDF/HTML)
  • Investigation Case Notes: Documenting findings and remediation steps.

NOTE: Raw .evtx files are not included due to potential sensitive system identifiers. Sanitized .xml files are provided instead for safe public review.

About

A defensive cybersecurity lab demonstrating Windows event monitoring and investigation with Sysmon. The project documents real telemetry such as process execution, PowerShell activity, and DNS lookups.

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors