WiLL75G/README.md

SOC Analyst Project Portfolio

Blue Team | Detection Engineering | Incident Response

Core stack: Splunk, Microsoft Sentinel, Microsoft Azure, KQL, Wazuh, Wireshark, MITRE ATT&CK, PowerShell, Bash

About Me

I'm William, a cybersecurity practitioner building toward a SOC Analyst role with a focus on defensive security, detection engineering, and incident response. This repository documents structured, hands-on work across the Blue Team skill stack: alert triage, log analysis, SIEM investigations, and threat hunting.

Every project here is built to mirror the workflows of a working SOC, not tutorial replays. The goal is demonstrable competence: detections I've written, incidents I've walked through end-to-end, and tooling I can speak to in an interview.

Certifications: ISC2 Certified in Cybersecurity (CC) | CompTIA Security+ (in progress)


Core SOC Projects

The detection, triage, and incident response work most representative of day-to-day SOC analyst operations.

| Project | Focus | ATT&CK Technique | Status |
|---|---|---|---|
| SSH Brute Force Detection (Splunk) | SIEM detection, log analysis | T1110 | |
| Phishing Email Analysis | Email triage, IOC extraction | T1566 | |
| Splunk SIEM Alerts & Dashboard | Alert engineering, dashboards | | |
| Incident Response Playbook | IR workflow, containment | | |
| Network Traffic Analysis (Wireshark) | Packet inspection, anomaly detection | | |
| MITRE ATT&CK Detection Coverage | Detection mapping, coverage analysis | | |

Additional Projects

| Project | Focus | Status |
|---|---|---|
| Network Port Scan Detection (Wireshark) | Recon detection | |
| Windows Event Log Analysis | Endpoint log triage | |
| Linux Log Analysis & File Integrity | Host integrity monitoring | |
| Active Directory Password Spray Detection | Identity attack detection | |
| Malware Analysis & Threat Hunting | Threat hunting | |
| Vulnerability Scanning & Remediation | Vulnerability management | |
| Firewall Rules & Network Segmentation | Network defense | |
| PowerShell SOC Toolkit | Automation/scripting | |
| Threat Intelligence & OSINT | Threat intel | |
| SOC Shift Simulation Capstone | End-to-end shift simulation | |
| Regex Log Parsing Toolkit | Log parsing, SPL | |
| Wazuh EDR Lab | EDR/endpoint detection | |
| Digital Forensics Investigation | DFIR | |
| SOC Metrics Dashboard | SOC reporting | |
| Advanced Splunk Intelligence Platform | Advanced SIEM | |

Goal

Build a real-world SOC Analyst portfolio through hands-on detection, investigation, and documentation, and land an entry-level Blue Team role.


LinkedIn | X

Open to networking and collaboration in cybersecurity and Blue Team learning.


Pinned repositories

  1. WiLL75G (Public): 28-Day SOC Analyst Portfolio | Blue Team | Detection Engineering | Built in Public
  2. soc-day01-ssh-brute-force-detection (Public): SSH brute force attack detection using log analysis and SOC investigation techniques.
  3. soc-day09-incident-response-playbook (Public): Building a structured incident response playbook for SOC operations.
  4. soc-day10-mitre-attack-mapping (Public): Mapping security events to MITRE ATT&CK framework techniques.
  5. soc-day02-phishing-email-analysis (Public): Analysis of suspicious emails to identify phishing indicators and malicious content.
  6. soc-day08-splunk-siem-alerts-dashboard (Public): Creating SIEM alerts and dashboards using Splunk.