This project focuses on network traffic analysis, log ingestion, and cybersecurity event monitoring using Security Onion and Wireshark.
The goal was to establish a controlled lab environment for simulating cyberattacks, detecting them, and investigating them forensically. This hands-on project strengthened skills in SIEM (Security Information and Event Management), intrusion detection, and log correlation.
✅ Deploying & configuring SIEM solutions (Security Onion)
✅ Analyzing network traffic using Wireshark
✅ Investigating security alerts & intrusion attempts
✅ Detecting attack patterns & generating incident reports
✅ Utilizing Kibana, SGUIL, and Squert for log visualization
🔹 Security Onion – SIEM & Network Monitoring
🔹 SGUIL, Squert, Kibana – Log ingestion, correlation, and event visualization
🔹 Logstash – Processing and analyzing security logs
🔹 Wireshark – Network packet capture and forensic analysis
🔹 Metasploit – Simulating attack scenarios for detection testing
📌 Set up Security Onion to collect and analyze logs from various network sources.
📌 Configured firewall rules & monitoring policies for detecting anomalies.
📌 Used SGUIL & Squert to track intrusion attempts and alert correlations.
📌 Investigated suspicious events logged during attack simulations.
📌 Captured live network traffic using Wireshark and analyzed malicious payloads.
📌 Detected Metasploit Trojan payloads and examined attack traces in event logs.
📌 User account listing on Security Onion sensor
📌 Firewall rule configuration using Security Onion
📌 Security events & attack logs viewed in SGUIL & Squert
📌 Kibana interface displaying network activity trends
📌 Event categorization & alert visualization using Squert
📌 Packet analysis for detecting unauthorized network activities
📌 Intrusion attempts traced back using IP logs & protocol analysis
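As an added example (not code from the project or its tools), the alert correlation and IP trace-back described above, done in Python over constructed Snort/Suricata fast-format alert lines of the kind a Security Onion NIDS sensor writes; the hosts, timestamps and rule entries are sample values constructed for this example.

```python
import re
from collections import defaultdict

# Constructed sample alerts in the Snort/Suricata "fast" text format that a
# Security Onion NIDS sensor can write. Hosts, times and rules are sample values.
SAMPLE_FAST_LOG = """\
03/12-14:02:11.481220  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.168.56.101:4444 -> 192.168.56.102:49211
03/12-14:02:12.003941  [**] [1:2000001:1] LOCAL Possible Metasploit reverse shell callback [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 192.168.56.102:49211 -> 192.168.56.101:4444
03/12-14:05:40.110002  [**] [1:2001219:20] ET SCAN Potential SSH Scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.168.56.101:55120 -> 192.168.56.102:22
03/12-14:09:03.770013  [**] [1:2100366:8] GPL ICMP_INFO PING *NIX [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.168.56.50 -> 192.168.56.102
"""

# One alert per line: timestamp, [gid:sid:rev], message, optional
# classification, priority, {protocol}, src[:port] -> dst[:port].
FAST_LINE = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+"
    r"(?P<src>[\d.]+)(?::(?P<sport>\d+))?\s+->\s+(?P<dst>[\d.]+)(?::(?P<dport>\d+))?$"
)

def parse_fast_log(text):
    """Parse fast-format alert lines into dicts; non-matching lines are skipped."""
    alerts = []
    for line in text.splitlines():
        m = FAST_LINE.match(line.strip())
        if m:
            a = m.groupdict()
            a["prio"] = int(a["prio"])
            alerts.append(a)
    return alerts

def correlate_by_source(alerts):
    """Per-source-IP rollup (count, highest priority seen, protocols, distinct
    signatures), the kind of view an analyst reads off Squert or Sguil."""
    summary = defaultdict(lambda: {"count": 0, "top_priority": 99,
                                   "protocols": set(), "signatures": set()})
    for a in alerts:
        s = summary[a["src"]]
        s["count"] += 1
        s["top_priority"] = min(s["top_priority"], a["prio"])  # 1 = highest
        s["protocols"].add(a["proto"])
        s["signatures"].add(a["msg"])
    return dict(summary)

def pivot_on_host(alerts, ip):
    """Alerts where `ip` is either endpoint. A reverse-shell callback fires with
    the victim as source, so tracing an intrusion back needs both directions."""
    return [a for a in alerts if ip in (a["src"], a["dst"])]
```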