Odinaka Udoezika

- Sophos Firewall Deployment: Deployed a Sophos Firewall OVF image in VMware Workstation, set up Windows 10 and Windows Server on the same VM, and configured Port A for LAN and Port B for WAN using DHCP. This setup enhanced my understanding of VMware networking, essential for managing enterprise networks.

- VMware Networking: Bridged the WAN interface, making my host computer act as the router, and configured Port B on the firewall to use DHCP. This helped me simulate real-world WAN… Näytä lisää

- Sophos Firewall Deployment: Deployed a Sophos Firewall OVF image in VMware Workstation, set up Windows 10 and Windows Server on the same VM, and configured Port A for LAN and Port B for WAN using DHCP. This setup enhanced my understanding of VMware networking, essential for managing enterprise networks.

- VMware Networking: Bridged the WAN interface, making my host computer act as the router, and configured Port B on the firewall to use DHCP. This helped me simulate real-world WAN setups and improved my VMware networking skills, crucial for troubleshooting organizational networks.

- DHCP and Firewall Rules: Enabled DHCP on the firewall and configured LAN to WAN firewall and NAT rules, ensuring secure internet connectivity. This is vital for maintaining robust and efficient enterprise networks.

- Advanced Firewall Features: Set up web policies, application controls, IPS, and advanced threat protection on the Sophos Firewall. These features enhance network security and protect against modern cyber threats, improving an organization's security posture.

- Active Directory Integration: Made Windows Server a domain controller and integrated Active Directory with the Sophos Firewall. Configured STAS authentication for accurate domain user logging, which enhances security monitoring and user management in enterprise environments. Näytä vähemmän

- Installed and set up Nessus Essentials to run credentialed vulnerability scans on Windows 10 systems.

- Established a comprehensive Vulnerability Management Function for sandbox networks, covering discovery, prioritization, assessment, reporting, remediation, and verification.

- Conducted vulnerability assessments using Nessus and effectively resolved identified issues.

- Created an automated process to preemptively fix vulnerabilities from Windows updates and third-party… Näytä lisää

- Installed and set up Nessus Essentials to run credentialed vulnerability scans on Windows 10 systems.

- Established a comprehensive Vulnerability Management Function for sandbox networks, covering discovery, prioritization, assessment, reporting, remediation, and verification.

- Conducted vulnerability assessments using Nessus and effectively resolved identified issues.

- Created an automated process to preemptively fix vulnerabilities from Windows updates and third-party software. Näytä vähemmän

• Homelab Setup for Wireshark: Set up an Ubuntu server on VMware to create a homelab for practicing with Wireshark. This setup provided practical experience in network packet analysis.

• Telnet Installation and Usage: Installed Telnet on the Ubuntu server and initiated a Telnet connection from the host computer. This demonstrated the risks of using Telnet to manage network devices, emphasizing the need for secure communication protocols.

• Packet Capture with Wireshark: Captured… Näytä lisää

• Homelab Setup for Wireshark: Set up an Ubuntu server on VMware to create a homelab for practicing with Wireshark. This setup provided practical experience in network packet analysis.

• Telnet Installation and Usage: Installed Telnet on the Ubuntu server and initiated a Telnet connection from the host computer. This demonstrated the risks of using Telnet to manage network devices, emphasizing the need for secure communication protocols.

• Packet Capture with Wireshark: Captured traffic on vmnet8, where the server’s network adapter is connected, using Wireshark. This exercise provided hands-on experience in capturing and analyzing network traffic.

• Packet Analysis and Stream Following: Analyzed the captured packets by filtering and following the streams to see data transferred in plain text. This helped understand how to dissect and interpret network traffic effectively.

• Understanding Security Risks: Discovered passwords and activities during the Telnet session, explaining how man-in-the-middle attacks work. This highlighted the importance of using secure protocols and enhanced awareness of network security risks. Näytä vähemmän

- Lab Environment Setup: Created a lab environment for malware analysis and reverse engineering by installing Flare VM, a pre-configured virtual machine with various malware analysis tools.

- Tool Utilization: Used tools such as disassemblers, debuggers, and memory analysis tools available in Flare VM to dissect and analyze malware samples.

- Malware Sample Collection: Downloaded malware samples from 'thezoo' GitHub repository to study different types of malware.

- Malware… Näytä lisää

- Lab Environment Setup: Created a lab environment for malware analysis and reverse engineering by installing Flare VM, a pre-configured virtual machine with various malware analysis tools.

- Tool Utilization: Used tools such as disassemblers, debuggers, and memory analysis tools available in Flare VM to dissect and analyze malware samples.

- Malware Sample Collection: Downloaded malware samples from 'thezoo' GitHub repository to study different types of malware.

- Malware Behavior Analysis: Analyzed malware to understand their behavior, operations, and identification techniques.

- Practical Experience: Conducted hands-on analysis to gain practical experience in malware analysis and reverse engineering. Näytä vähemmän

Together with my team (SafeTech) at Cyblack was contracted by a fictional (XYZ) company to conduct a vulnerability assessment and penetration test on their critical services and infrastructure in order to determine their exposure to any targeted attack.

The objective of this vulnerability and penetration testing was to expose any loophole that can be exploited by attackers. The vulnerability assessment and penetration testing was done on the vulnerable Metasploitable Virtual… Näytä lisää

Together with my team (SafeTech) at Cyblack was contracted by a fictional (XYZ) company to conduct a vulnerability assessment and penetration test on their critical services and infrastructure in order to determine their exposure to any targeted attack.

The objective of this vulnerability and penetration testing was to expose any loophole that can be exploited by attackers. The vulnerability assessment and penetration testing was done on the vulnerable Metasploitable Virtual Machine.

Find attached a link to our project where we detailed a step by step description on how we achieved this pentesting, the challenges we faced, the results of our findings and our recommendation. Näytä vähemmän

Together with my team (SafeTech), we carried out Cyber Threat Intelligence analysis on a fictional company. Using passive recon, we were able to gather information publicly available on (XYZ) company, using tools like Maltego, Shodan, etc. that could be used by threat actors to carry out attacks it is most probable to face.

Based on the information gathered using threat intelligence tools and sources, we were able to deduce the common threats like; social engineering, phishing and email… Näytä lisää

Together with my team (SafeTech), we carried out Cyber Threat Intelligence analysis on a fictional company. Using passive recon, we were able to gather information publicly available on (XYZ) company, using tools like Maltego, Shodan, etc. that could be used by threat actors to carry out attacks it is most probable to face.

Based on the information gathered using threat intelligence tools and sources, we were able to deduce the common threats like; social engineering, phishing and email compromise, cross site scripting, etc. that (XYZ) company could face. Recommendations like security awareness training, incident response and business continuity plans, were suggested to help with interventions and strategies to address key findings after the information gathering stage.

The objective of this project was to help us gain the experience needed to perform Threat Intelligence analysis on any company when the need arises. Näytä vähemmän

Together with my team Cyblack worked on a Cloud Security project. The purpose of this project was to gain in-demand skills and experience in the domain of Cloud security.

In this project, we worked on various topics which includes;

▫️Identity and Access management - Azure Active Directory: Here, we enabled and enforced MFA for users, Set up users on Azure IAM based on roles, configured MFA and Setup Role based access controls (RBAC)
▫️Audit, Monitoring and Logging on Cloud -… Näytä lisää

Together with my team Cyblack worked on a Cloud Security project. The purpose of this project was to gain in-demand skills and experience in the domain of Cloud security.

In this project, we worked on various topics which includes;

▫️Identity and Access management - Azure Active Directory: Here, we enabled and enforced MFA for users, Set up users on Azure IAM based on roles, configured MFA and Setup Role based access controls (RBAC)
▫️Audit, Monitoring and Logging on Cloud - Audit Logs/Azure Sentinel: Here, we created a free virtual machine, assigned log reader permissions and monitored behaviour of resources
▫️Data Loss Prevention and Microsoft Compliance - Microsoft Purview: Here we configured DLP and created Permissions using Microsoft Purview.
▫️Security Incident and Event Management (SIEM) - Sentinel: This tasks includes indicator tagging and creating new indicators related to security investigations.
▫️Implemented Directory Synchronisation Student lab manual: Here, we integrated on-premises Active Directory Domain Services (AD DS) environment with an Azure Active Directory (Azure AD) tenant. Näytä vähemmän

I built a streaming service website using HTML, CSS and JavaScript. I have attached the link to the website hosted on GitHub and a link to the repository. If you want to contribute, feel free to create a pull request.

The knowledge of HTML and JavaScript is one of the useful skills I possess as a cybersecurity Analyst because so many attack types revolve around HTML code. If attackers want to write a SQL injection attack or embed a malicious script in a website, they'll do it using… Näytä lisää

I built a streaming service website using HTML, CSS and JavaScript. I have attached the link to the website hosted on GitHub and a link to the repository. If you want to contribute, feel free to create a pull request.

The knowledge of HTML and JavaScript is one of the useful skills I possess as a cybersecurity Analyst because so many attack types revolve around HTML code. If attackers want to write a SQL injection attack or embed a malicious script in a website, they'll do it using HTML. To analyze those attacks, the understanding of HTML will help me.

While HTML forms the basis of webpages, JavaScript provides them their power. JavaScript code is widely used to incorporate outside elements, track user activity and perform many other web tasks. It's also the language used in many web-based application attacks, such as cross-site scripting. As an Incidence Responder, this JavaScript experience will also help me. Näytä vähemmän

Together with my team (SafeTech), we carried out Information Security Auditing & conducted an assessment of the current state of the information security management system for a fictional client organisation (XYZ) using ISO 27001 as guide to analyse their control requirements identifying;

- The potential risk of the finding if it is not resolved by the organisation

- Our proposed corrective action to ensure that they resolve the finding
- The timeline we are giving them to… Näytä lisää

Together with my team (SafeTech), we carried out Information Security Auditing & conducted an assessment of the current state of the information security management system for a fictional client organisation (XYZ) using ISO 27001 as guide to analyse their control requirements identifying;

- The potential risk of the finding if it is not resolved by the organisation

- Our proposed corrective action to ensure that they resolve the finding
- The timeline we are giving them to resolve the finding
- The status of our finding

The objective of this is to document the current state of the ISMS and Annex A controls at the fictional organisation (XYZ), using a holistic approach to identify the associated risks and provide recommendations required to mitigate those risks under ISO 27001 standards.

Linked is a well detailed Report and Audit sheet we created for better understanding of the audit we made and our proposed solutions. We are open to projects, do well to connect or recommend us. Näytä vähemmän

• Detected, diagnosed, and resolved network performance issues to avoid downtime with network optimization software
• Viewed performance, traffic, and configuration details of devices and applications that are onpremises, in the cloud, or
across hybrid environments with NetPath.
• Responded to multiple condition checks, correlated events, network topology, and device dependencies.

• Monitored Web Server techniques to identify appropriate technique to analyze parameters such as; TCP traffic,
Server bandwidth.
• Flooded attack detection using anomaly techniques with wireshark
• Brute Forced attack detection using wireshark
• Detected TCP XMAS Scan using pattern analysis (used to identify if a port is open or closed)