Kjean13/README.md

Jean Koumou

JKM

Cybersecurity Engineering Student | Blue Team | DFIR | Detection Engineering

Portfolio · LinkedIn · GitHub · Email

                     ======================================================================
                      BLUE TEAM | DFIR | CYBER THREAT INTELLIGENCE | DETECTION ENGINEERING 
                     ======================================================================

Profile

  • Cybersecurity engineering student at ESIEA, building a profile around vulnerability analysis, defensive tooling and security automation.
  • Cyber Threat Intelligence Analyst at ******, working on digital evidence, suspicious infrastructure, IOC enrichment and structured reporting.
  • Hands-on experience with Windows, Linux, Active Directory, Microsoft 365, SIEM deployment and incident triage.
  • Seeking a 36-month cybersecurity apprenticeship in France, on a schedule of two weeks in the company followed by two weeks at school.

Featured Projects

ADFT

Offline Windows and Active Directory investigation toolkit with a CLI and local web interface.

  • EVTX, JSON, CSV, CEF, XML, Syslog and ZIP ingestion
  • deterministic detections and correlations
  • timeline reconstruction, attack-path analysis and exposure scoring
  • HTML, JSON, CSV, ATT&CK Navigator and Mermaid exports

Python · EVTX · FastAPI · MITRE ATT&CK · DFIR
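As an added illustration of the kind of deterministic correlation such a toolkit runs over EVTX-derived records (example code written for this page, not ADFT's own), the block below sorts constructed Security-log records into a timeline and flags a Kerberoasting pattern: several RC4 (TicketEncryptionType 0x17) service-ticket requests (event 4769) for distinct non-machine service accounts from one principal within a short window. Hostnames, account names, IPs and timestamps are constructed; the field names follow the 4769 EventData layout, and the thresholds are assumptions.

```python
"""Timeline reconstruction and a deterministic Kerberoasting correlation (added example)."""
from __future__ import annotations

from collections import defaultdict
from datetime import datetime
from typing import Any

RC4_HMAC = "0x17"  # TicketEncryptionType that Kerberoasting tooling asks for (crackable offline)

# Constructed records shaped like Security-log EventData after EVTX parsing; not real logs.
# They are deliberately out of order so the timeline sort is visible.
EVENTS: list[dict[str, Any]] = [
    {"TimeCreated": "2024-05-03T09:14:00+00:00", "EventID": 4769, "Computer": "DC02.lab.local",
     "TargetUserName": "svc_backup@LAB.LOCAL", "ServiceName": "DC01$",
     "TicketEncryptionType": "0x12", "IpAddress": "::ffff:10.0.0.40"},
    {"TimeCreated": "2024-05-03T09:11:58+00:00", "EventID": 4624, "Computer": "DC02.lab.local",
     "TargetUserName": "m.tyrell", "LogonType": "3", "IpAddress": "10.0.0.25"},
    {"TimeCreated": "2024-05-03T09:12:05+00:00", "EventID": 4769, "Computer": "DC02.lab.local",
     "TargetUserName": "m.tyrell@LAB.LOCAL", "ServiceName": "sql_svc",
     "TicketEncryptionType": "0x17", "IpAddress": "::ffff:10.0.0.25"},
    {"TimeCreated": "2024-05-03T09:12:06+00:00", "EventID": 4769, "Computer": "DC02.lab.local",
     "TargetUserName": "m.tyrell@LAB.LOCAL", "ServiceName": "http_svc",
     "TicketEncryptionType": "0x17", "IpAddress": "::ffff:10.0.0.25"},
    {"TimeCreated": "2024-05-03T09:12:07+00:00", "EventID": 4769, "Computer": "DC02.lab.local",
     "TargetUserName": "m.tyrell@LAB.LOCAL", "ServiceName": "backup_svc",
     "TicketEncryptionType": "0x17", "IpAddress": "::ffff:10.0.0.25"},
    {"TimeCreated": "2024-05-03T09:12:08+00:00", "EventID": 4769, "Computer": "DC02.lab.local",
     "TargetUserName": "m.tyrell@LAB.LOCAL", "ServiceName": "DC02$",  # machine account: noise
     "TicketEncryptionType": "0x17", "IpAddress": "::ffff:10.0.0.25"},
    {"TimeCreated": "2024-05-03T09:12:09+00:00", "EventID": 4769, "Computer": "DC02.lab.local",
     "TargetUserName": "m.tyrell@LAB.LOCAL", "ServiceName": "krbtgt",  # TGT service: not roastable
     "TicketEncryptionType": "0x17", "IpAddress": "::ffff:10.0.0.25"},
]


def parse_time(ev: dict[str, Any]) -> datetime:
    return datetime.fromisoformat(ev["TimeCreated"])


def build_timeline(events: list[dict[str, Any]]) -> list[dict[str, Any]]:
    """Chronological order is the basis for every correlation below."""
    return sorted(events, key=parse_time)


def normalize_ip(ip: str) -> str:
    """4769 logs IPv4 clients as IPv4-mapped IPv6; strip the prefix so it joins with 4624."""
    return ip[7:] if ip.startswith("::ffff:") else ip


def is_roastable_tgs(ev: dict[str, Any]) -> bool:
    """A 4769 with RC4 for a user (not machine, not krbtgt) service account."""
    if ev.get("EventID") != 4769:
        return False
    svc = str(ev.get("ServiceName", ""))
    if svc.endswith("$") or svc.lower() == "krbtgt":
        return False
    return str(ev.get("TicketEncryptionType", "")).lower() == RC4_HMAC


def detect_kerberoasting(events: list[dict[str, Any]], window_seconds: int = 300,
                         min_services: int = 3) -> list[dict[str, Any]]:
    """Deterministic rule: >= min_services distinct roastable SPN accounts requested by the
    same (user, source IP) inside a sliding window. Thresholds are illustrative."""
    grouped: dict[tuple[str, str], list[dict[str, Any]]] = defaultdict(list)
    for ev in build_timeline(events):
        if is_roastable_tgs(ev):
            key = (ev["TargetUserName"].split("@")[0].lower(), normalize_ip(ev["IpAddress"]))
            grouped[key].append(ev)
    findings = []
    for (user, ip), evs in grouped.items():
        start = 0
        for end, ev in enumerate(evs):
            while (parse_time(ev) - parse_time(evs[start])).total_seconds() > window_seconds:
                start += 1
            services = {e["ServiceName"] for e in evs[start:end + 1]}
            if len(services) >= min_services:
                findings.append({"technique": "T1558.003", "name": "Kerberoasting",
                                 "user": user, "source_ip": ip, "services": sorted(services),
                                 "first_seen": evs[start]["TimeCreated"],
                                 "last_seen": ev["TimeCreated"]})
                break  # one finding per principal; the evidence list covers the burst
    return findings


if __name__ == "__main__":
    for ev in build_timeline(EVENTS):
        print(ev["TimeCreated"], ev["EventID"], ev["TargetUserName"], ev.get("ServiceName", ""))
    for f in detect_kerberoasting(EVENTS):
        print(f"[{f['technique']}] {f['name']}: {f['user']} from {f['source_ip']} "
              f"requested {f['services']} between {f['first_seen']} and {f['last_seen']}")
```

The machine-account and krbtgt exclusions are what keep this rule deterministic rather than noisy: legitimate hosts also request RC4 tickets in mixed environments, so the signal is the burst of distinct user-SPN requests, not any single 0x17 ticket.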

rulescope

Governance CLI for Sigma and detection catalogs, built as a quality-control layer around detection content before merge or release.

  • catalog quality scoring across metadata, noise, structure, ATT&CK mapping, maintainability, weakness and documentation
  • semantic duplicate detection based on event-surface similarity rather than lexical YAML similarity
  • baseline vs candidate comparison to surface regressions before release
  • prioritized explanations and remediation guidance for weak rules
  • HTML, Markdown, JSON, SARIF and ATT&CK Navigator exports
  • CI-ready quality gates for pull requests and detection catalog releases

Python · Sigma · MITRE ATT&CK · Detection Engineering · CI/CD
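The contrast between event-surface and lexical similarity is easiest to see on concrete rules. The block below is an added example written for this page, not rulescope's code: three constructed Sigma rules in parsed (dict) form, a function that reduces each to the logsource and (field|modifier, value) pairs it actually matches on, and a duplicate finder on that surface. The rule contents, the Jaccard measure and the 0.9 threshold are assumptions; a real catalog would load the rules from YAML.

```python
"""Event-surface vs lexical similarity for Sigma rules (added example)."""
from __future__ import annotations

import difflib
import itertools
import json
from typing import Any

# Constructed rules in parsed form; titles and values are illustrative only.
RULE_A: dict[str, Any] = {
    "title": "Suspicious Rundll32 Execution Without Arguments",
    "description": "Detects rundll32.exe launched without a DLL argument, a common LOLBin pattern.",
    "logsource": {"product": "windows", "category": "process_creation"},
    "detection": {"selection": {"Image|endswith": "\\rundll32.exe"},
                  "filter": {"CommandLine|contains": ".dll"},
                  "condition": "selection and not filter"},
    "tags": ["attack.defense_evasion", "attack.t1218.011"],
    "level": "medium",
}
# Same event surface as RULE_A, rewritten by someone else: different prose, key order,
# tag order and severity. A text diff sees a different rule.
RULE_B: dict[str, Any] = {
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {"condition": "selection and not filter",
                  "filter": {"CommandLine|contains": ".dll"},
                  "selection": {"Image|endswith": "\\rundll32.exe"}},
    "level": "high",
    "tags": ["attack.t1218.011", "attack.defense_evasion"],
    "title": "Rundll32 Started Without a DLL on the Command Line",
    "description": "LOLBin abuse: rundll32.exe spawned with no .dll passed, unusual for legitimate use.",
}
# Textual near-clone of RULE_A that watches a different binary: lexically almost
# identical, but it covers a different event surface.
RULE_C: dict[str, Any] = {
    "title": "Suspicious Regsvr32 Execution Without Arguments",
    "description": "Detects regsvr32.exe launched without a DLL argument, a common LOLBin pattern.",
    "logsource": {"product": "windows", "category": "process_creation"},
    "detection": {"selection": {"Image|endswith": "\\regsvr32.exe"},
                  "filter": {"CommandLine|contains": ".dll"},
                  "condition": "selection and not filter"},
    "tags": ["attack.defense_evasion", "attack.t1218.010"],
    "level": "medium",
}
CATALOG = {"rule_a": RULE_A, "rule_b": RULE_B, "rule_c": RULE_C}


def event_surface(rule: dict[str, Any]) -> frozenset[str]:
    """Logsource facets plus every (field|modifier, value) pair in the selections.
    Prose, tags, level and key order are ignored. The condition's boolean structure is
    dropped too, which is a simplification: a production tool would canonicalize it."""
    facets: set[str] = set()
    logsource = rule.get("logsource", {})
    for key in ("product", "category", "service"):
        if key in logsource:
            facets.add(f"logsource.{key}={str(logsource[key]).lower()}")
    for name, block in rule.get("detection", {}).items():
        if name == "condition":
            continue
        for mapping in (block if isinstance(block, list) else [block]):
            if not isinstance(mapping, dict):
                continue
            for field, value in mapping.items():
                for v in (value if isinstance(value, list) else [value]):
                    facets.add(f"{field.lower()}={str(v).lower()}")
    return frozenset(facets)


def semantic_similarity(r1: dict[str, Any], r2: dict[str, Any]) -> float:
    """Jaccard overlap of the two event surfaces (1.0 = identical surface)."""
    a, b = event_surface(r1), event_surface(r2)
    return 1.0 if not a and not b else len(a & b) / len(a | b)


def lexical_similarity(r1: dict[str, Any], r2: dict[str, Any]) -> float:
    """What a text-based duplicate check sees: a diff ratio over the serialized rules."""
    t1, t2 = json.dumps(r1, indent=2), json.dumps(r2, indent=2)
    return difflib.SequenceMatcher(None, t1, t2, autojunk=False).ratio()


def find_duplicates(catalog: dict[str, dict[str, Any]], threshold: float = 0.9) -> list[tuple[str, str]]:
    """Rule pairs whose event surfaces overlap at or above the threshold."""
    return [(a, b) for a, b in itertools.combinations(sorted(catalog), 2)
            if semantic_similarity(catalog[a], catalog[b]) >= threshold]


if __name__ == "__main__":
    for a, b in itertools.combinations(sorted(CATALOG), 2):
        print(f"{a} vs {b}: lexical={lexical_similarity(CATALOG[a], CATALOG[b]):.2f} "
              f"semantic={semantic_similarity(CATALOG[a], CATALOG[b]):.2f}")
    print("semantic duplicates:", find_duplicates(CATALOG))
```

Run stand-alone, the two measures disagree in exactly the way the bullet above describes: rule_a and rule_b are a semantic duplicate despite low text overlap, while rule_a and rule_c are nearly identical text that covers a different binary and must not be merged.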

Technical Stack

Python · PowerShell · Bash · Linux · Windows · Docker · Git

  • Detection and investigation: SIEM, EDR, Sysmon, Sigma, MITRE ATT&CK, EVTX, IOC analysis
  • Infrastructure: Active Directory, Windows Server, Linux, Microsoft 365, Entra ID, Docker, Ansible
  • Network and reconnaissance: TCP/IP, DNS, Wireshark, Nmap, Shodan, Suricata, Zeek
  • Security platforms: Splunk, Wazuh, Elastic, OpenCTI

Current Focus

  • Active Directory forensics and attack-path reconstruction
  • SOC investigation and SIEM workflows
  • Detection engineering and rule quality
  • Sigma catalog governance and CI quality gates
  • CTI, IOC enrichment and incident reporting

Training

  • Cisco CyberOps: SOC Operations
  • NIST Cybersecurity Framework 2.0
  • CyberDefenders

Pinned

  1. ADFT (Public)

    Active Directory Forensic Toolkit: detect and reconstruct AD attacks from Windows event logs (EVTX)

    Python · 51 stars · 2 forks

  2. rulescope (Public)

    Governance engine for Sigma detection catalogs: semantic duplicate detection, weakness scoring, ATT&CK coverage and CI quality gates.

    Python

  3. aiagent-detection-rules (Public)

    Detection rules for the Claude Code source leak: 16 Sigma rules, Splunk, Elastic, YARA. Lab-validated on GOAD Light DC02.

    Shell · 3 stars

  4. goad-light-deployment (Public)

    Deploying Orange Cyberdefense's GOAD-Light on VirtualBox | step-by-step guide with troubleshooting and detection stack

    3 stars · 1 fork