I’m a final-semester Cybersecurity M.S. student based in Houston, working toward a career as a SOC Analyst or Detection Engineer.
I enjoy building small, focused labs that answer practical questions like “who scanned me?” and “what did they try?”
- Windows Security Monitoring (Splunk) – tracking failed logons (4625), account lockouts, and brute-force attempts
- Snort → Splunk Portscan – detecting Nmap SYN bursts and visualizing top sources/ports with timelines
- OWASP ZAP – Juice Shop Assessment – web application vulnerability scanning and reporting
I learn best by simulating real-world scenarios, collecting raw logs, and transforming them into fields, searches, and dashboards that speed up investigation and triage.
- SIEM: Splunk (SPL queries, dashboards)
- Threat Detection: Windows Event Logs, Snort, OWASP ZAP
- Networking & Testing: Nmap, Wireshark basics
- Platforms: VirtualBox, Docker, Ubuntu, Kali Linux
- Scripting: Basic Python
- Certification: CompTIA Security+
- Windows Security Monitoring (Splunk SIEM)
  Repo: Splunk-security-dashboard
  Focus: Event IDs 4625/4624/4740, brute-force logic, lockout tracking
- Snort → Splunk Portscan Demo
  Repo: snort-splunk-portscan-demo
  Focus: SYN-burst detection, field parsing, top sources/ports, time-based visualization
- OWASP ZAP – Juice Shop Lab
  Repo: owasp-zap-juice-shop-lab
  Focus: OWASP Top 10 vulnerabilities, scanning methodology, HTML reporting
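As an added illustration of the brute-force and lockout logic the Windows Security Monitoring lab is built around (example code written for this page, not taken from the linked repo), the snippet below applies that rule to a few constructed 4625/4624/4740 events: a threshold of failed logons from one source inside a time window, a check for a 4624 success from the same source right after the burst, and a per-account 4740 lockout count. The field names, threshold and window are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def ev(code, user, ip, t):
    # Minimal event shape assumed for this example (Splunk-style field names).
    return {"EventCode": code, "TargetUserName": user, "IpAddress": ip, "_time": t}

# Constructed sample events, not real log data: six failures from 10.0.0.5,
# a lockout for alice, then a success from the same source; 10.0.0.9 is noise.
EVENTS = [ev(4625, "alice", "10.0.0.5", f"2024-01-01T10:00:{s:02d}") for s in range(0, 60, 10)]
EVENTS += [
    ev(4740, "alice", "10.0.0.5", "2024-01-01T10:00:55"),
    ev(4624, "alice", "10.0.0.5", "2024-01-01T10:01:05"),
    ev(4625, "bob", "10.0.0.9", "2024-01-01T10:02:00"),
    ev(4625, "bob", "10.0.0.9", "2024-01-01T10:03:00"),
]

def ts(e):
    return datetime.fromisoformat(e["_time"])

def detect_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    """Flag a source IP once it has `threshold` 4625 events inside `window`,
    and record whether a 4624 from that IP follows within the same window."""
    by_src = defaultdict(list)
    for e in sorted(events, key=ts):
        if e["EventCode"] in (4625, 4624):
            by_src[e["IpAddress"]].append(e)
    findings = []
    for src, evs in by_src.items():
        fails = [e for e in evs if e["EventCode"] == 4625]
        for i in range(len(fails) - threshold + 1):
            first, last = ts(fails[i]), ts(fails[i + threshold - 1])
            if last - first <= window:  # burst found: fire once per source
                success = any(e["EventCode"] == 4624 and last < ts(e) <= last + window
                              for e in evs)
                findings.append({"src": src, "failures": len(fails),
                                 "first": fails[i]["_time"], "success_after": success})
                break
    return findings

def lockouts(events):
    """Count 4740 (account locked out) events per target account."""
    counts = defaultdict(int)
    for e in events:
        if e["EventCode"] == 4740:
            counts[e["TargetUserName"]] += 1
    return dict(counts)

if __name__ == "__main__":
    print(detect_bruteforce(EVENTS))
    print(lockouts(EVENTS))
```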
- Expand Splunk dashboards with Sysmon (process/network visibility)
- Experiment with slow-scan detection and GeoIP enrichment
- Document additional labs for SOC triage and incident response practice
- LinkedIn: linkedin.com/in/numanshaik
- Email: numanshaik.cyber@gmail.com