🕶️ Danovis-soc-entry level
From IT To SOC · Defender · Lab & Journey · Blockchain Forensics practiceFrom 20-Year IT Admin
to SOC Analyst Defender
Documenting real detection engineering, SIEM deployment, and enterprise forensics scripts. This page is my public SOC lab, tool repository, and community-supported transition to remote Tier-1 Security Operations.
Bitcoin
Support SOC hardware, lab licensing & tooling.
📁 SOC Analyst Toolbox · Forensics Scripts
⬇️ Download All📡 Live SOC Lab · Detection Log
🛡️ Attack: Nmap Stealth Scan (SYN)
📅 April 7, 2026 | Tools: Nmap, WiresharkFrom Kali to Linux Mint: 331 packets. nmap -sS 10.0.2.15 revealed sequential port probing + RST responses.
📦 First Capture: 396 Packets
April 7, 2026 · Wireshark 4.2.2sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap. Analyzed MDNS broadcasts & TLS metadata.
🧠 Blockchain Forensics & MITRE Mapping
Windows/Linux · SIEM readyCross-platform sensor maps cryptominers (T1496.001), wallet theft (T1552.001) and mempool anomalies to Splunk/Elastic.
📜 Security+ & SOC Toolkit
Current focus: Security+ (SY0-701) & CySA+.
- 🔐 Threats & Vulnerabilities — nmap detection lab
- 📊 SOC Operations — SIEM fundamentals
- 🌐 Network Security — Wireshark, Zeek
- 🛠️ Incident Response — IR playbooks
💪 Community Support
Applying for remote Tier-1 SOC Analyst roles. Donations go toward a Dell laptop for SIEM, EDR, and malware sandboxes.
🚀 Next milestone (April 2026): Cross-VM lateral movement — Host-Only network between Kali & Mint, writing Sigma rules. Feedback welcome on LinkedIn!
👉 Share your feedback on LinkedIn or via email.
No comments:
Post a Comment