Hands-on projects demonstrating endpoint detection, phishing investigation, and SOC analyst workflows using Sysmon and MITRE ATT&CK mapping.
| Folder | Contents |
|---|---|
| 01-Windows-VM-Setup-and-Baseline | Windows 10 baseline + Sysmon configuration, screenshots |
| 02-Endpoint-Compromise-Detection-and-Threat-Containment | Threat investigation report, MITRE ATT&CK mapping, Sysmon alert analysis |
| 03-email-phishing-triage-lab | Phishing email investigation including headers, IOCs, detection rule, and user awareness brief |
Each folder is a complete project with documentation, screenshots, and write-ups.
Michelle Holmes
SOC Analyst | Blue Team Focus