A practical cybersecurity project focused on log collection, attack detection, and incident response using Splunk/ELK Stack.
Build a SIEM lab to collect, analyze, and visualize logs from Windows systems to detect malicious activity.
- Splunk / ELK Stack
- Windows Event Viewer
- Sysmon
- PowerShell
- Kali Linux (for attack simulation)

- Setup & Configuration
- Log Collection & Ingestion
- Threat Simulation
- Detection & Response
- Reporting & Documentation

- Interactive dashboard (attack timeline)
- Alerts for brute-force and PowerShell misuse
- Incident report PDF (with recommendations)
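The two alerts listed above (brute-force logons and PowerShell misuse) can be prototyped outside the SIEM before being written as Splunk or ELK rules. The following is an added example, not code from this project: it runs the same logic a SIEM alert would apply over a handful of constructed Windows Security (Event ID 4625) and Sysmon process-creation (Event ID 1) records. Field names such as `src_ip`, `cmdline` and `parent`, the five-failures-in-five-minutes threshold, and the list of suspicious PowerShell flags are assumptions chosen for the example.

```python
"""Prototype detections for the lab's two alerts, run over constructed
sample events shaped like SIEM-extracted Windows Security and Sysmon logs."""
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed sample events (not real telemetry). Field names are assumptions
# mimicking what Splunk/ELK would extract from the raw Windows events.
SAMPLE_EVENTS = [
    # six failed logons (4625) from one source within one minute -> brute force
    *[{"time": f"2024-01-10T10:00:{s:02d}", "event_id": 4625, "source": "Security",
       "src_ip": "10.0.0.25", "user": "administrator"} for s in (0, 15, 30, 45, 50, 59)],
    # a single failure from another host -> a mistyped password, not an attack
    {"time": "2024-01-10T10:02:00", "event_id": 4625, "source": "Security",
     "src_ip": "10.0.0.40", "user": "jsmith"},
    # Sysmon EventID 1: hidden, encoded PowerShell spawned by cmd.exe -> misuse
    {"time": "2024-01-10T10:05:00", "event_id": 1, "source": "Sysmon",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgA...",
     "parent": r"C:\Windows\System32\cmd.exe"},
    # ordinary scheduled admin script -> should not fire the alert
    {"time": "2024-01-10T10:06:00", "event_id": 1, "source": "Sysmon",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell.exe -File C:\scripts\backup.ps1",
     "parent": r"C:\Windows\explorer.exe"},
]


def detect_brute_force(events, threshold=5, window=timedelta(minutes=5)):
    """Flag (src_ip, user) pairs with at least `threshold` failed logons
    inside any span of length `window` (a sliding window, so a burst that
    straddles a fixed time bucket is still caught)."""
    failures = defaultdict(list)
    for e in events:
        if e["event_id"] == 4625:
            failures[(e["src_ip"], e["user"])].append(datetime.fromisoformat(e["time"]))
    alerts = []
    for (src_ip, user), times in failures.items():
        times.sort()
        best = (0, 0, 0)  # (count, start index, end index) of the densest window
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count > best[0]:
                best = (count, start, end)
        if best[0] >= threshold:
            alerts.append({"src_ip": src_ip, "user": user, "count": best[0],
                           "first": times[best[1]].isoformat(),
                           "last": times[best[2]].isoformat()})
    return alerts


# Command-line patterns commonly paired with PowerShell misuse (assumed list).
SUSPICIOUS_PS_FLAGS = re.compile(
    r"(-enc(odedcommand)?\b|-w(indowstyle)?\s+hidden|-nop\b|-noprofile\b|"
    r"-exec(utionpolicy)?\s+bypass|downloadstring|\biex\b|invoke-expression)",
    re.IGNORECASE)


def detect_powershell_misuse(events, min_hits=2):
    """Flag Sysmon process-creation events where PowerShell starts with at
    least `min_hits` distinct suspicious flags. Requiring two keeps a lone
    -NoProfile on a legitimate admin script from raising an alert."""
    alerts = []
    for e in events:
        if e["event_id"] != 1 or "powershell" not in e.get("image", "").lower():
            continue
        cmdline = e.get("cmdline", "")
        hits = sorted({m.group(0).lower() for m in SUSPICIOUS_PS_FLAGS.finditer(cmdline)})
        if len(hits) >= min_hits:
            alerts.append({"time": e["time"], "parent": e.get("parent", ""),
                           "indicators": hits, "cmdline": cmdline})
    return alerts


def run_detections(events):
    """Run both detections; the result is what a dashboard/alert would show."""
    return {"brute_force": detect_brute_force(events),
            "powershell_misuse": detect_powershell_misuse(events)}


if __name__ == "__main__":
    for name, hits in run_detections(SAMPLE_EVENTS).items():
        print(name)
        for h in hits:
            print("  ", h)
```

The sliding window matters when translating this into a SIEM query: a `stats count by src_ip, user` over fixed five-minute bins can miss a burst that spans a bin boundary, so tune the window and threshold against the lab's own baseline of failed logons before promoting the rule to an alert.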
Gufran Ahmed
Cybersecurity & Network Engineering | Penetration Tester
London, UK
LinkedIn: linkedin.com/in/gufran-uh
GitHub: github.com/cyb-gufran