```python
class Alphonse:
    name = "Alphonse Joseph"
    alias = "nyxsentinel"
    location = "Sweden"
    degree = "MSc Cybersecurity - University West"
    thesis = "Comparative Evaluation of Open-Source SOAR Tools (2026)"
    lab = "Raspberry Pi 5 · Enterprise Security Stack · Running Live"
    philosophy = "You can't defend what you don't understand."
    currently = [
        "Writing MSc thesis benchmarking Shuffle vs Wazuh/Cortex/TheHive",
        "Generating real attack data via T-Pot honeypot + FortiGate 50G NGFW",
        "Building automated SOAR playbooks + Python metrics pipeline",
    ]
    looking_for = ["Penetration Testing", "Threat Intelligence", "SOC / Security Research"]
```

Comparative Evaluation of Open-Source SOAR Tools
Benchmarking Shuffle vs Wazuh/Cortex/TheHive, integrated with a FortiGate 50G NGFW and T-Pot honeypot to capture real attacker behaviour. Building automated playbooks and a Python metrics pipeline - the first empirical benchmark of open-source SOAR tools.

Offensive Security
Metasploit · Nmap · Burp Suite · Hydra · sqlmap · aircrack-ng · Flipper Zero

Defense & Network
nftables · WireGuard · Pi-hole · CrowdSec · Fail2ban · Cowrie · T-Pot

Monitoring & SIEM
Grafana · Prometheus · Loki · Wazuh · Shuffle

AI / ML for Security
scikit-learn · Pandas · Random Forest · SVM · Isolation Forest

Infrastructure

| Project | Description | Stack | Type |
|---|---|---|---|
| Pi 5 Security Operations Lab | Enterprise-grade security stack on Raspberry Pi 5. DNS filtering, VPN, firewall, SSH honeypot, SIEM, live dashboards. Running live 24/7. | Shell · Python · Docker | Defensive |
| ML Security Classifier | Network intrusion detection pipeline. Decision Tree, Random Forest, KNN and SVM with comparative analysis and feature importance visualization. | Python · scikit-learn | ML/AI |
| Rogue Wi-Fi Access Point | Fake AP with captive portal demonstrating credential harvesting, internet spoofing, and session logging. Security awareness training tool. | Python | Offensive |
| Flipper Zero Payload Suite | BadUSB payload collection for Windows/macOS/Linux - system recon reported via Discord webhooks. Built for authorized assessments. | DuckyScript | Hardware |

| Stat | Value |
|---|---|
| DNS Domains Blocked | 433,000+ |
| IPs Banned (CrowdSec) | 15,000+ |
| Services Running | 11 |
| Hardware | Raspberry Pi 5 · 8GB RAM · 512GB NVMe |
| Network | Gigabit Ethernet · DuckDNS · WireGuard VPN |

| Layer | Services |
|---|---|
| Network | Pi-hole v6 · Unbound (DNSSEC) · WireGuard · DuckDNS |
| Security | nftables · Fail2ban · CrowdSec · Cowrie SSH Honeypot |
| Monitoring | Grafana · Prometheus · Loki · Promtail |
| Infra | Docker · Portainer · Heimdall |

| Link | Topic |
|---|---|
| Research Reports | AI-based threat detection · network defense |
| CTF Writeups | HackTheBox · TryHackMe walkthroughs |
| CV | Full background & experience |