From IT Admin to SOC Defender – Cybersecurity Lab & Journey - Blockchain Forensics practice.

🔐 From Network Admin to SOC Defender · Live Lab

From 20-Year IT Admin
to SOC Analyst Defender

“After two decades of building networks, I now defend them — one packet, one alert, one script at a time.”
Professional evolution: IT Administrator → SOC Analyst (CompTIA Security+ in progress).
Documenting real detection engineering, SIEM deployment, and enterprise forensics scripts. This page is my public SOC lab, tool repository, and community-supported transition to remote Tier-1 Security Operations.

Bitcoin Donation

Support SOC hardware, lab licensing & open-source tooling.

⚡ BTC Address: 12Um8sPvrFE3hLQ4ERTiK3xtX4XmrcrLpv

🔒 Works with custodial & non-custodial wallets (Electrum, Exodus, Coinbase, etc.)

🎓💻 GoFundMe: Dell SOC Laptop

Help acquire a dedicated Dell laptop for 24/7 lab, SIEM, and malware analysis.

❤️ Support GoFundMe

💰 Cash App

Quick, direct support for certs, coffee, and lab costs.

💚 Send via Cash App

$deepooler79

📁 SOC Analyst Toolbox · Enterprise Forensics Scripts

⬇️ Download All Scripts (Google Drive)

  • 🐧 Blockchain Forensics Linux Script.sh: Enterprise IR sensor · MITRE mapping · BTC/ETH monitoring
  • 🪟 Blockchain Forensics for WINDOWS Script.ps1: PowerShell + WSL2 · VirtualBox · SIEM integration
  • 🖥️ kiosk_fixer for windows 10-11.ps1: Hardened kiosk remediation / security hardening
  • 📀 Kiosk_fixer-for Linux.sh: Linux kiosk security & integrity checker

🔗 Direct download folder includes enterprise-grade scripts for SOC/IR, blockchain forensics, and kiosk hardening. Perfect for hiring managers and collaborators.

📡 Live SOC Lab · Detection Log

🛡️ Attack in Progress: Nmap Stealth Scan (SYN)

📅 April 7, 2026 | Tools: Nmap 7.98, Wireshark, VirtualBox

From Kali Linux to Linux Mint: 331 packets captured. nmap -sS 10.0.2.15 revealed sequential port probing + RST responses. SOC insight: automated scanning vs. human traffic pattern.

🔍 MITRE T1046: Network Service Scanning. Detected via rapid SYN packets & consistent source IP.

📦 First Capture: 396 Packets & Permission Hardening

April 7, 2026 · Wireshark 4.2.2

Learned sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap. Analyzed MDNS broadcasts and TLS metadata — hostnames leak internal topology.

🧠 Enterprise Scripting: Blockchain Forensics & MITRE Mapping

Windows/Linux · SIEM ready

Developed a cross-platform sensor that maps cryptominers (T1496.001), wallet theft (T1552.001) and live mempool anomalies to Splunk/Elastic. The scripts are available in the Drive folder above.

📜 CompTIA Security+ & Remote SOC Toolkit

Current focus: Security+ (SY0-701) & CySA+. Translating 20 years of infrastructure into defensive operations:

  • 🔐 Threats & Vulnerabilities — real-world nmap detection lab
  • 📊 SOC Operations — SIEM fundamentals (ELK, Splunk) + custom sensor logs
  • 🌐 Network Security — Wireshark analysis, Zeek, anomaly baselining
  • 🛠️ Incident Response — applying IT troubleshooting to IR playbooks
🌟 "You can't secure what you don't understand" — infrastructure background is my detection superpower.

💪 Why Community Support Matters (GoFundMe & Bitcoin)

I’m actively applying for remote Tier-1 SOC Analyst roles while upgrading my home lab. Donations go toward a dedicated Dell laptop for running SIEM, EDR, and malware sandboxes. Every satoshi or GoFundMe contribution accelerates hands-on IR training and certification exams.

📬 Connect / Collaborate: danovispoolerjr@gmail.com | LinkedIn: Danovis Pooler

🚀 Next milestone (April 2026): Cross-VM lateral movement — Host-Only network between Kali & Mint, writing Sigma rules. Feedback welcome on LinkedIn! Download the scripts above and let me know your thoughts.

💼 LinkedIn-ready script folder: The “SOC Analyst Toolbox” includes enterprise-grade blockchain forensics (Linux/Windows), kiosk fixers, and IR utilities. 👉 Download, review, and share your feedback with me on LinkedIn or via email. Your insights help me grow as a SOC professional.
