6 results for “topic:ioc-detection”
A comprehensive integration solution connecting MISP threat intelligence with Wazuh security monitoring for real-time threat detection. This project provides step-by-step instructions for deploying, configuring, and integrating MISP and Wazuh with Sysmon to automatically detect indicators of compromise (IoCs) in your environment.
Extract useful information from a PAN-OS support file for CVE-2024-3400
Lightweight log scanner to flag brute-force attempts and high-volume hostile IP activity.
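The core of such a scanner is a sliding-window count of authentication failures per source IP. The following is an added illustration written for this listing, not code from the repository above: it parses constructed sshd lines (the sample log, thresholds and function names are assumptions), flags a source once it crosses a failure threshold inside the window, and separately flags a success that follows a run of failures from the same address, since that is the event that actually matters.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample, not real data: a burst from 203.0.113.7 that ends in a success,
# one legitimate typo from 198.51.100.4, and a slow spray from 192.0.2.9 every six minutes.
SAMPLE_LOG = """\
Mar  3 10:00:01 bastion sshd[4121]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar  3 10:00:02 bastion sshd[4121]: Failed password for invalid user admin from 203.0.113.7 port 51023 ssh2
Mar  3 10:00:03 bastion sshd[4125]: Failed password for root from 203.0.113.7 port 51024 ssh2
Mar  3 10:00:04 bastion sshd[4127]: Failed password for root from 203.0.113.7 port 51025 ssh2
Mar  3 10:00:05 bastion sshd[4129]: Failed password for root from 203.0.113.7 port 51026 ssh2
Mar  3 10:00:09 bastion sshd[4131]: Accepted password for root from 203.0.113.7 port 51027 ssh2
Mar  3 10:00:30 bastion sshd[4140]: Failed password for alice from 198.51.100.4 port 40010 ssh2
Mar  3 10:00:45 bastion sshd[4142]: Accepted publickey for alice from 198.51.100.4 port 40011 ssh2
Mar  3 10:20:00 bastion sshd[4200]: Failed password for bob from 192.0.2.9 port 33000 ssh2
Mar  3 10:26:00 bastion sshd[4201]: Failed password for bob from 192.0.2.9 port 33001 ssh2
Mar  3 10:32:00 bastion sshd[4202]: Failed password for bob from 192.0.2.9 port 33002 ssh2
Mar  3 10:38:00 bastion sshd[4203]: Failed password for bob from 192.0.2.9 port 33003 ssh2
Mar  3 10:44:00 bastion sshd[4204]: Failed password for bob from 192.0.2.9 port 33004 ssh2
"""

# Classic syslog + OpenSSH "Failed/Accepted <method> for [invalid user] <user> from <ip> port <n>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) \w+ for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_events(text):
    """Yield (timestamp, result, user, ip) for every sshd auth line that matches."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # other daemons, session open/close lines, etc.
        # syslog timestamps carry no year; strptime fills in 1900, which is fine for intervals
        ts = datetime.strptime(" ".join(m["ts"].split()), "%b %d %H:%M:%S")
        yield ts, m["result"], m["user"], m["ip"]


def scan(text, window_s=300, burst_threshold=5, failures_before_success=3):
    """Sliding-window brute-force detection over sshd log text (lines assumed in time order).

    Flags a source IP once it has `burst_threshold` failures inside `window_s` seconds, and
    separately flags any success preceded by `failures_before_success` recent failures from
    the same IP (a guessed or sprayed password that worked).
    """
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    totals = defaultdict(int)     # ip -> failures over the whole file
    bursts, suspicious_success = set(), []
    for ts, result, user, ip in parse_events(text):
        window = recent[ip]
        while window and (ts - window[0]).total_seconds() >= window_s:
            window.popleft()      # expire failures that aged out of the window
        if result == "Failed":
            window.append(ts)
            totals[ip] += 1
            if len(window) >= burst_threshold:
                bursts.add(ip)
        elif len(window) >= failures_before_success:
            suspicious_success.append((ip, user))
    return {"bursts": sorted(bursts), "suspicious_success": suspicious_success,
            "failures_by_ip": dict(totals)}


if __name__ == "__main__":
    for key, value in scan(SAMPLE_LOG).items():
        print(f"{key:20} {value}")
```

Run against the sample, the burst source is flagged twice (five failures in four seconds, then an accepted root login), alice's single typo is ignored, and 192.0.2.9 is never flagged even though it fails five times: a window rule on its own misses low-and-slow guessing, so a real scanner should pair it with a longer-horizon total (the `failures_by_ip` figure here) or a per-account failure count.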
A comprehensive collection of security log analysis projects and methodologies for detecting threats, credential abuse, and advanced persistent threats (APTs) in enterprise environments. Features detailed forensic investigations of large-scale Windows Security Event Logs using Python-based data analytics and behavioral pattern recognition.
A Python-based static analysis tool that inspects PDF internal structure to detect malicious JavaScript, obfuscated streams, embedded payloads, and indicators of compromise using object- and stream-level parsing inspired by pdfid, pdf-parser, peepdf, and qpdf methodologies.
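Two details make this kind of triage more than a keyword grep: PDF names may be hex-escaped (`/J#61vaScript` is the same name as `/JavaScript`), and the script itself usually sits inside a Flate-compressed stream. The block below is an added illustration for this listing, not code from the repository above; the regexes, scoring rule and the constructed sample PDF (minimal, no xref table) are assumptions. It cuts stream payloads out of the object skeleton using `/Length`, normalizes name escapes before counting pdfid-style keywords, decompresses FlateDecode streams and scans the decoded bytes for JavaScript indicators.

```python
import re
import zlib

# Dictionary keys that pdfid-style triage counts (an action trigger plus a payload key is the classic pairing).
SUSPICIOUS_KEYS = [b"/JS", b"/JavaScript", b"/OpenAction", b"/AA", b"/Launch",
                   b"/EmbeddedFile", b"/ObjStm", b"/RichMedia", b"/URI"]
JS_INDICATORS = [rb"eval\s*\(", rb"unescape\s*\(", rb"String\.fromCharCode", rb"app\.launchURL"]

NAME_HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")
OBFUSCATED_NAME_RE = re.compile(rb"/[^\s/<>\[\]()]*#[0-9A-Fa-f]{2}[^\s/<>\[\]()]*")
# A stream dictionary followed by the 'stream' keyword; the tempered dot keeps the match inside one
# dictionary (nested << >> inside a stream dict would need a real tokenizer).
STREAM_HDR_RE = re.compile(rb"<<((?:(?!>>).)*)>>\s*stream\r?\n", re.S)
DIRECT_LENGTH_RE = re.compile(rb"/Length\s+(\d+)(?!\s+0\s+R)")  # skip indirect '/Length 5 0 R'


def normalize_names(data):
    """Resolve PDF name hex escapes so /J#61vaScript counts as /JavaScript."""
    return NAME_HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), data)


def split_pdf(data):
    """Return (skeleton, streams): the file with stream bodies cut out, and a list of
    (normalized stream dictionary, raw payload) pairs."""
    streams, pieces, pos = [], [], 0
    for m in STREAM_HDR_RE.finditer(data):
        sdict = normalize_names(m.group(1))
        start = m.end()
        ln = DIRECT_LENGTH_RE.search(sdict)
        if ln:
            end = start + int(ln.group(1))
        else:  # no usable /Length: fall back to the endstream keyword
            end = data.find(b"endstream", start)
            end = len(data) if end == -1 else end
        streams.append((sdict, data[start:end]))
        pieces.append(data[pos:start])
        pos = end
    pieces.append(data[pos:])
    return b"".join(pieces), streams


def analyze_pdf(data):
    """Keyword, name-obfuscation and decoded-stream triage of a PDF byte string."""
    skeleton, streams = split_pdf(data)
    norm = normalize_names(skeleton)
    keywords = {k.decode(): len(re.findall(re.escape(k) + rb"(?![A-Za-z0-9])", norm))
                for k in SUSPICIOUS_KEYS}
    obfuscated = OBFUSCATED_NAME_RE.findall(skeleton)
    # Escaping is legal PDF syntax; escaping a well-known action/payload key is the red flag.
    obfuscated_keywords = sorted({normalize_names(n).decode() for n in obfuscated
                                  if normalize_names(n) in SUSPICIOUS_KEYS})
    js_hits, corrupt = 0, 0
    for sdict, raw in streams:
        if b"/FlateDecode" in sdict:
            try:
                raw = zlib.decompress(raw)
            except zlib.error:
                corrupt += 1  # truncated or garbage Flate data is itself worth reporting
                continue
        js_hits += sum(len(re.findall(p, raw)) for p in JS_INDICATORS)
    triggers = keywords["/OpenAction"] + keywords["/AA"]
    payload = keywords["/JS"] + keywords["/JavaScript"] + js_hits
    verdict = bool((triggers and payload) or keywords["/Launch"] or obfuscated_keywords)
    return {"keywords": keywords, "obfuscated_names": len(obfuscated),
            "obfuscated_keywords": obfuscated_keywords, "streams": len(streams),
            "corrupt_streams": corrupt, "js_indicator_hits": js_hits, "verdict": verdict}


def build_sample_pdf():
    """Constructed test artifact, not a real sample: a minimal PDF (no xref table) whose
    OpenAction points at a hex-escaped /JavaScript action with a Flate-compressed script."""
    js = b"var p = unescape('%u9090%u9090'); eval(String.fromCharCode(97,108,101,114,116) + '(1)');"
    comp = zlib.compress(js)
    objects = [
        b"<< /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >>",
        b"<< /Type /Pages /Kids [3 0 R] /Count 1 >>",
        b"<< /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >>",
        b"<< /S /J#61vaScript /JS 5 0 R >>",
        b"<< /Length %d /Filter /Fl#61teDecode >>\nstream\n" % len(comp) + comp + b"\nendstream",
    ]
    out = b"%PDF-1.7\n"
    for num, obj in enumerate(objects, 1):
        out += b"%d 0 obj\n" % num + obj + b"\nendobj\n"
    return out + b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"


if __name__ == "__main__":
    for key, value in analyze_pdf(build_sample_pdf()).items():
        print(f"{key:20} {value}")
```

On the sample the raw-byte keyword count would show no `/JavaScript` at all; after normalization it reports one, plus `/JS` and `/OpenAction`, the escaped keyword, and three JavaScript indicators recovered from the decompressed stream. Counting over the skeleton rather than the whole file keeps random compressed bytes from inflating the keyword and escape counts.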
Executive phishing email analysis for VitalCare Health Solutions – includes header inspection, BEC indicators, SPF/DKIM/DMARC checks, malicious attachment & URL analysis, and a stakeholder-ready executive report with findings, impact, and recommendations.