// Projects
Hands-on technical projects building security infrastructure, analyzing threats, and learning through experimentation.
Active Projects
AeroLab v2: Purple Team Home Lab
A full rebuild of the original AeroLab across two physical nodes with segmented networks and a complete detection stack. Elastic SIEM 9.x ingests Sysmon events from a Windows Server 2022 domain controller populated with realistic misconfigurations via BadBlood. Velociraptor handles live endpoint forensics, MITRE Caldera runs ATT&CK-mapped adversary emulations, and Kali handles manual offensive work from an isolated segment. The red team network can reach production for attack simulations but has no path to the security segment.
Read technical writeup →
NetworkChuck Summer of CCNA
A structured 4-month self-guided program working through the full Cisco CCNA 200-301 curriculum. Weekly video and ebook lessons cover networking fundamentals, IP addressing, routing protocols, switching, and network security concepts. Hands-on labs use Cisco IOS in-browser environments to reinforce configuration skills alongside practice exams mapped to the certification objectives.
Completed Projects
Cloud Threat Intelligence Honeypot
Deployed a T-Pot honeypot on Google Cloud Platform and left it exposed to the internet for 28 days, capturing 96 million events. Analyzed adversary TTPs from real-world threat actors, documented CVE exploitation patterns, correlated indicators of compromise with threat intelligence feeds, and published a 14-report research series on the findings.
Explore the project on GitHub →
Read the research reports →
GCIH Incident Handler Certification
Completed hands-on study for the GIAC Certified Incident Handler certification through SANS SEC504 coursework, practicing incident response procedures, malware analysis, and forensic investigation techniques in lab environments. Passed the GCIH exam in February 2026 with a score of 98%.
AeroLab: Cybersecurity Homelab
Clustered Proxmox infrastructure built for blue team operations and threat detection. Runs Wazuh SIEM for log analysis, Suricata IDS for network monitoring, Windows Active Directory for enterprise simulation, and containerized vulnerable applications for security testing.
Read technical writeup →
AeroX ERC-20 Token
Built and deployed a cryptocurrency token on Ethereum's Sepolia testnet to understand blockchain security from the ground up. Explored smart contract vulnerabilities, transaction security, and the fundamentals of decentralized systems through hands-on development with Solidity and Hardhat.
Read technical writeup →