Skip to content

Latest commit

 

History

History
29 lines (23 loc) · 1.47 KB

File metadata and controls

29 lines (23 loc) · 1.47 KB

Cybersecurity Monitoring & Investigation Lab

I am building a virtualized lab environment using Hyper-V and Windows 10 Pro to bridge the gap between theory and practice. This project serves as a hands-on application of the networking and security principles I’ve studied through CompTIA Network+, Security+, and TryHackMe labs.

In this repository, I document my experience with:

  • Security Monitoring: Establishing a baseline for system activity.
  • Event Log Investigation: Identifying and tracing suspicious behavior within Windows environments.
  • Network Traffic Analysis: Capturing and inspecting packets to understand communication flows.
  • Vulnerability Scanning: Identifying weaknesses and assessing system risks.

Tools & Technologies

To facilitate data collection and analysis, I am utilizing:

  • Sysmon: For advanced host-level logging and monitoring.
  • Wireshark & Nmap: For network discovery and deep packet inspection.
  • Nessus: For automated vulnerability assessments.

Lab Artifacts

This lab generates the following outputs for analysis:

  • Windows Event Logs (.evtx) (.xml)
  • Packet Captures (.pcap)
  • Vulnerability Reports (PDF/HTML)
  • Investigation Case Notes: Documenting findings and remediation steps.

NOTE: Raw .evtx files are not included due to potential sensitive system identifiers. Sanitized .xml files are provided instead for safe public review.