Chillin

TryHackMe

TryHackMe Badge

Obsidian VMware TCM Security

Former Navy Corpsman to cybersecurity with real-world combat experience. I bring military discipline, high-pressure decision-making skills, and a systematic approach to threat detection and incident response.

Purple Team & SOC Focus — building both offensive and defensive capabilities
Operating a 22+ VM home lab for attack simulation and detection engineering
Pursuing PSAA → PSAP → Security+ → CCDL1 → PAPA → PJPT → PNPT certification path
(Inactive) TryHackMe Top 1% - 270+ rooms completed
Actively seeking SOC Analyst & Purple Team roles

$\color{LightSkyBlue}\normalsize{\textsf{Blue Team}}$

• Threat detection & incident response
• SIEM analysis & log correlation
• Threat hunting & malware analysis
• Security monitoring & alerting

$\color{Red}\normalsize{\textsf{Red Team}}$

• Penetration Testing & Security Research
• Red team operations & exploitation
• Active Directory & Windows exploitation
• Network security & privilege escalation

$\color{MediumOrchid}\large{\textsf{Nebula Forge Detection Suite}}$

Nebula Forge is an open-source SOC platform covering the full workflow: Detect → Normalize → Hunt → Drift → Cluster → Simulate → Investigate → Respond → Report. The full suite runs as a fully containerized stack — 13 containerized tools, 15 services total, a shared Postgres backend, and a central dashboard — clone all repos with the included setup script, then a single docker compose up -d starts all services. The dashboard (port 5010) provides live status, one-click launches, and pipeline monitoring across all 18 tools in the org.

Nebula Forge includes two automated pipelines:

• Drift-scan — scheduled Sigma rule drift analysis across your detection library
• Purple-loop — end-to-end purple team cycle: discover (VulnForge) → simulate (AtomicLoop) → detect (Wazuh/Splunk) → validate (DriftWatch) → hunt (HuntForge) | Pipeline validated end-to-end April 2026

• Nebula Forge — 13 tools containerized and live (v1: SigmaForge, YaraForge, Threat-Intel-Dashboard, SnortForge, SIREN, EndpointForge; v2: LogNorm, HuntForge, DriftWatch, ClusterIQ, AtomicLoop, VulnForge, WifiForge) + dashboard (5010) + Postgres, 15 services total — setup scripts + single docker compose up -d
• Purple team automation pipelines: drift-scan and purple-loop validated end-to-end April 2026
• PSAP 2026 — SOC analyst and detection engineering roles
• Expanding Wazuh SIEM detections and Splunk correlation rules

In Progress:

• 🔹 PSAA (Practical SOC Analyst Associate) - 2026*
• 🔹 PSAP (Practical SOC Analyst Professional) - Scheduled Q4 2026

Certification Roadmap: PSAA → PSAP → Security+ → CCDL1 → PAPA → PJPT → PNPT

22+ VM Purple Team Lab:

• Active Directory lab (attack & defense)
• Snort IDS/IPS network monitoring
• Web vulnerability testing environment
• Malware analysis sandbox
• WiFi penetration testing lab
• Flipper Zero / Pwnagotchi
• Wazuh SIEM with Sysmon integration & MITRE ATT&CK-mapped detections (5 agents: Windows, Linux)
• Splunk Free on Ubuntu for detection and hunt workflows

Kali Linux Windows Ubuntu Debian

$\color{red}\normalsize{\textsf{Offensive }}$ Burp Suite Nmap Metasploit Hashcat BloodHound CrackMapExec

$\color{CornflowerBlue}\normalsize{\textsf{Defensive }}$ Wireshark Wazuh Splunk Elastic Snort YARA Sysmon

$\color{CornflowerBlue}\normalsize{\textsf{Hardware }}$ Flipper Zero Pwnagotchi

Syntax Eyes

Typing SVG

image_alt