From IT Admin to SOC Defender – Cybersecurity Lab & Journey - Blockchain Forensics practice.

From IT Admin to SOC Defender | Danovis Pooler – Virtua Fighter 3 Edition

🕶️ Danovis-soc-entry level

From IT To SOC · Defender · Lab & Journey · Blockchain Forensics practice
🌀 VIRTUA FIGHTER 3 EDITION · FROM NETWORK ADMIN TO SOC DEFENDER

From 20-Year IT Admin
to SOC Analyst Defender

“After two decades of building networks, I now defend them — one packet, one alert, one script at a time.”
Professional evolution: IT Administrator → SOC Analyst (CompTIA Security+ in progress).
Documenting real detection engineering, SIEM deployment, and enterprise forensics scripts. This page is my public SOC lab, tool repository, and community-supported transition to remote Tier-1 Security Operations.

Bitcoin

Support SOC hardware, lab licensing & tooling.

12Um8sPvrFE3hLQ4ERTiK3xtX4XmrcrLpv
🎓💻

GoFundMe

Dell SOC Laptop for 24/7 lab & malware analysis.

❤️ Support
💰

Cash App

Quick support for certs, coffee, and lab costs.

💚 Send

$deepooler79

💸

PayPal.me

Secure donations via PayPal — fuels lab gear & certs.

💙 Donate

@DPoolerJr

📁 SOC Analyst Toolbox · Forensics Scripts

⬇️ Download All
🐧
Blockchain Forensics Linux.sh
IR sensor · MITRE mapping
🪟
Blockchain Forensics Windows.ps1
PowerShell + WSL2
🖥️
kiosk_fixer Windows.ps1
Kiosk remediation
📀
Kiosk_fixer Linux.sh
Linux kiosk security
🔗 Enterprise-grade scripts for SOC/IR, blockchain forensics, and kiosk hardening.

📡 Live SOC Lab · Detection Log

🛡️ Attack: Nmap Stealth Scan (SYN)

📅 April 7, 2026 | Tools: Nmap, Wireshark

From Kali to Linux Mint: 331 packets. nmap -sS 10.0.2.15 revealed sequential port probing + RST responses.

🔍 MITRE T1046: Network Service Scanning detected.

📦 First Capture: 396 Packets

April 7, 2026 · Wireshark 4.2.2

sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap. Analyzed MDNS broadcasts & TLS metadata.

🧠 Blockchain Forensics & MITRE Mapping

Windows/Linux · SIEM ready

Cross-platform sensor maps cryptominers (T1496.001), wallet theft (T1552.001) and mempool anomalies to Splunk/Elastic.

📜 Security+ & SOC Toolkit

Current focus: Security+ (SY0-701) & CySA+.

  • 🔐 Threats & Vulnerabilities — nmap detection lab
  • 📊 SOC Operations — SIEM fundamentals
  • 🌐 Network Security — Wireshark, Zeek
  • 🛠️ Incident Response — IR playbooks
🌟 "You can't secure what you don't understand"

💪 Community Support

Applying for remote Tier-1 SOC Analyst roles. Donations go toward a Dell laptop for SIEM, EDR, and malware sandboxes.

📬 Connect / Collaborate:
📧 Email: danovispoolerjr@gmail.com
🔗 LinkedIn: linkedin.com/in/deepooler78

🚀 Next milestone (April 2026): Cross-VM lateral movement — Host-Only network between Kali & Mint, writing Sigma rules. Feedback welcome on LinkedIn!

💼 LinkedIn-ready script folder: Enterprise-grade blockchain forensics (Linux/Windows), kiosk fixers, and IR utilities.
👉 Share your feedback on LinkedIn or via email.

No comments:

Post a Comment

My Entry Level Remote SOC Analyst Lab.

Danovis Pooler - SOC Analyst Journey | DeepSeek Edition 🧠 ...