This project simulates the end-to-end detection, analysis, and response to a phishing email compromise targeting an IT company. It demonstrates skills in email forensics, SIEM analysis, and incident response reporting.
Repository contents:
- Zenith_Phishing_Portfolio_Project.docx – Full report
- inbox_rules_log.csv – Simulated SIEM log data
- 2_Email_Header.txt – Phishing header metadata
- 3_Forwarding_Rules.json – Inbox rules placed by the attacker
- 11_Phishing_Email.eml – Raw email
- IOC_List.csv – Indicators of Compromise
- screenshots/ – Evidence from CyberChef, VirusTotal, Splunk
- MITRE_Mapping.docx – ATT&CK breakdown
- Email header and link analysis
- IOC extraction and log correlation
- Splunk search simulation
- MITRE ATT&CK mapping
- Incident response documentation
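The header analysis, IOC extraction and log correlation steps listed above, worked through in code. This is an added example and not one of the project's own files: the sample message, the inbox-rule log lines and their column layout are constructed for illustration, and the victim domain `zenith.example` is an assumption. It reads the message the way `11_Phishing_Email.eml` would be read (From / Reply-To / Return-Path mismatches, originating IP from the topmost Received header, URLs in the body), turns the result into an IOC set, and then flags inbox-rule events that forward mail externally, delete mail, or touch an IOC.

```python
import csv
import io
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Victim organisation's own mail domain (assumption, not taken from the report).
INTERNAL_DOMAIN = "zenith.example"

# Constructed sample message standing in for 11_Phishing_Email.eml (not the project's file).
SAMPLE_EML = """\
Return-Path: <bounce@mail-zenith-secure.example>
Received: from mail-zenith-secure.example (mail-zenith-secure.example [203.0.113.45])
 by mx.zenith.example with ESMTP id abc123
Received: from localhost (localhost [127.0.0.1])
 by mail-zenith-secure.example with ESMTP id xyz789
From: "Zenith IT Helpdesk" <helpdesk@zenith.example>
Reply-To: support@zenith-secure-login.example
To: jdoe@zenith.example
Subject: Action required: password expires today
Content-Type: text/html; charset="utf-8"

<html><body><a href="http://zenith-secure-login.example/reset?u=jdoe">Reset now</a></body></html>
"""

# Constructed sample log standing in for inbox_rules_log.csv (column names are an assumption).
SAMPLE_RULES_CSV = """\
timestamp,user,operation,rule_name,action,target,client_ip
2024-03-04T09:12:01Z,jdoe,New-InboxRule,RSS Feeds,ForwardTo,drop@zenith-secure-login.example,203.0.113.45
2024-03-04T09:12:05Z,jdoe,New-InboxRule,Cleanup,DeleteMessage,,203.0.113.45
2024-03-04T11:40:00Z,asmith,New-InboxRule,Vendor,MoveToFolder,Invoices,10.0.0.5
"""

URL_RE = re.compile(r'https?://[^\s"\'<>]+')
IP_RE = re.compile(r'\[(\d{1,3}(?:\.\d{1,3}){3})\]')
FORWARDING_ACTIONS = {"ForwardTo", "ForwardAsAttachmentTo", "RedirectTo"}


def _domain(addr):
    """Domain part of an address header value, lower-cased ('' if there is none)."""
    _, email_addr = parseaddr(addr)
    return email_addr.rpartition("@")[2].lower()


def analyze_headers(raw_eml):
    """Flag sender-identity mismatches and recover the last external hop's IP."""
    msg = message_from_string(raw_eml, policy=policy.default)
    from_dom = _domain(str(msg.get("From", "")))
    reply_dom = _domain(str(msg.get("Reply-To", "")))
    rp_dom = _domain(str(msg.get("Return-Path", "")))
    findings = []
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    if rp_dom and rp_dom != from_dom:
        findings.append(f"Return-Path domain {rp_dom} differs from From domain {from_dom}")
    # The topmost Received header was written by our own MX, so its bracketed IP is the
    # host that actually handed the message over; lower Received lines are attacker-controlled.
    received = msg.get_all("Received") or []
    first_hop = IP_RE.search(str(received[0])) if received else None
    return {"from_domain": from_dom, "reply_to_domain": reply_dom, "return_path_domain": rp_dom,
            "originating_ip": first_hop.group(1) if first_hop else None, "findings": findings}


def extract_iocs(raw_eml):
    """Collect body URLs, their hostnames, mismatched sender domains and the relay IP."""
    msg = message_from_string(raw_eml, policy=policy.default)
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body is not None else ""
    urls = sorted(set(URL_RE.findall(text)))
    domains = {urlparse(u).hostname for u in urls if urlparse(u).hostname}
    hdr = analyze_headers(raw_eml)
    for dom in (hdr["reply_to_domain"], hdr["return_path_domain"]):
        if dom and dom != hdr["from_domain"]:
            domains.add(dom)
    ips = [hdr["originating_ip"]] if hdr["originating_ip"] else []
    return {"urls": urls, "domains": sorted(domains), "ips": ips}


def correlate_rules(rules_csv, iocs):
    """Return inbox-rule events that forward externally, delete mail, or match an IOC."""
    hits = []
    for row in csv.DictReader(io.StringIO(rules_csv)):
        reasons = []
        target_dom = row["target"].rpartition("@")[2].lower() if "@" in row["target"] else ""
        if row["action"] in FORWARDING_ACTIONS and target_dom and target_dom != INTERNAL_DOMAIN:
            reasons.append(f"forwards to external domain {target_dom}")
        if row["action"] == "DeleteMessage":
            reasons.append("rule deletes messages (possible evidence hiding)")
        if target_dom and target_dom in iocs["domains"]:
            reasons.append("target domain is a known IOC")
        if row["client_ip"] in iocs["ips"]:
            reasons.append("rule created from an IOC IP")
        if reasons:
            hits.append({"timestamp": row["timestamp"], "user": row["user"],
                         "rule_name": row["rule_name"], "reasons": reasons})
    return hits


if __name__ == "__main__":
    found = extract_iocs(SAMPLE_EML)
    print(analyze_headers(SAMPLE_EML))
    print(found)
    for hit in correlate_rules(SAMPLE_RULES_CSV, found):
        print(hit)
```

Only the topmost Received header is trusted for the originating IP because every line below it was added by hosts the sender controls; the same caveat applies when reading `2_Email_Header.txt` by hand. The benign "Vendor" rule is left alone, which is the point of keying the forwarding check on the destination domain rather than on rule creation itself.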
MITRE ATT&CK techniques observed in the scenario:
- T1566.002 – Phishing: Spearphishing Link
- T1078 – Valid Accounts
- T1114.003 – Email Collection: Email Forwarding Rule
- T1070.004 – Indicator Removal: File Deletion
- T1105 – Ingress Tool Transfer
This case study mimics a real-world SOC investigation and is part of my cybersecurity portfolio.