🛠 Skills

I don't just learn tools. I learn when to use them, and when to question them.

🧰 My Daily Drivers

Tools I rely on often — for work, experiments, and everything in between.

Linux (Ubuntu, Kali)

Where I think like an attacker.

Ubuntu is home base. Kali is the playground. Together, they taught me to see like an attacker and secure like a builder.

Wireshark

Where the packets tell the story.

Wireshark helped me fall in love with network forensics. It's where I saw the real behavior behind the alerts.

Nmap

The mapmaker of my security landscape.

From port discovery to fingerprinting, Nmap gave me a sense of visibility into every environment I stepped into.

Python

The glue for all my security experiments.

I use Python to script log parsers, automate detection rules, and even build PoC exploits. It's my go-to security utility belt.

Microsoft 365 Security Suite

Defender, Intune, Sentinel — all in one ecosystem.

Mastering M365 tools helped me build a cohesive endpoint-to-cloud security pipeline.

macOS

My personal dev and testing environment.

I use macOS for secure everyday work, blending personal experience with technical workflows.

Windows

Securing corporate workstations.

I use Windows for endpoint hardening and group policy management, simulating enterprise security controls.

Regex

Pattern matching for logs and life.

Regex taught me how much signal you can extract from text with just the right incantation.

SQL

Structured queries for structured security.

SQL powers data visibility in every project — from forensic timelines to access audits.

🧪 My Playground

Tools I tinker with to learn, prototype, and experiment.

Burp Suite

Web app pentesting starts here.

I use Burp to break apps gently and ethically. It taught me to look beneath the UI and interrogate HTTP like a detective.

Security Onion

Network defense in a box.

Deploying Security Onion taught me the SOC lifecycle — from packet to alert to triage to response.

Grafana

Dashboards that make sense of the chaos.

Grafana visualizations helped me surface actionable insights from the data noise.

ELK Stack

Log analysis from Elasticsearch to Kibana.

Using the ELK stack helped me connect alerts to raw logs and hunt faster.

Graylog

SIEM made open and accessible.

Graylog was my intro to real-time logging and rule-based detection.

Cellebrite / XRY

Mobile device forensics toolkit.

Using XRY and Cellebrite gave me hands-on experience with mobile investigations and evidence handling.

Docker

From dev to deploy — all boxed up.

Containers made it possible for me to test, isolate, and scale tools without environment chaos.

PowerShell

Automation on Windows, the secure way.

PowerShell scripting helped me enforce security policies and automate investigations.

MATLAB

Crunching data for research.

I used MATLAB in coursework to visualize complex security metrics.

🚀 When It Needs to be Scaled

Platforms and practices for large-scale security and compliance.

AWS

Cloud security architecture 101.

From S3 bucket policies to IAM roles, AWS security has been where I practiced secure-by-design principles at scale.

Azure

Microsoft cloud security ecosystem.

I managed Intune, RBAC, and threat protection with Azure's native controls.

GCP

Experimenting with Google's cloud.

I used GCP in sandbox labs to understand IAM, VPC design, and identity federation.

VMware

Virtualized infra for labs and tests.

VMware let me simulate network topologies and threat models in a safe environment.

Kubernetes

Orchestrated security in containers.

I use K8s to manage scale and segmentation, enforcing least privilege and policy-as-code.

WAF

Application-layer shields.

WAFs taught me how to filter web attacks like XSS and SQLi without rewriting app code.

SIEM

Where all the logs come to life.

Managing SIEMs gave me an appreciation for data-driven defense and how visibility drives response.

EDR

Endpoint telemetry for deep visibility.

EDRs made it possible to catch subtle intrusions before they became incidents.

IDS/IPS

Watchdogs at the packet layer.

I use IDS/IPS to spot abnormal behaviors that firewalls can miss.

📚 Governance & Frameworks

What shaped my security thinking in school and beyond.

FAIR

Risk quantified.

FAIR helped me move security conversations from vague threats to measurable impact.

ISO 27001

Information Security Management Systems.

Understanding ISO helped me align real-world security practices with governance requirements in regulated environments.

NIST SP 800-39

Risk framed as a lifecycle.

NIST 800-39 shaped how I look at assets, threats, and controls as evolving systems.

MITRE ATT&CK

Tactics and techniques in plain sight.

ATT&CK gave structure to adversary behavior and detection design.

OCTAVE FORTE

Operationalizing enterprise risk.

OCTAVE FORTE taught me how to connect stakeholder concerns to technical gaps.

PCI-DSS

Cardholder data in focus.

PCI showed me how security controls manifest in transactional systems.

STRIDE

Modeling threats at the design stage.

STRIDE taught me to think like a threat actor before writing any code.

GDPR

Privacy regulations in practice.

GDPR helped me balance usability, security, and compliance for data rights.

Threat Modeling

Proactive security planning.

Threat modeling made me ask 'what could go wrong?' before anything did.

See These Tools in Action

Curious how I apply these skills in real-world projects? Check out my work to see these tools and frameworks in action.
