{"id":31762401,"url":"https://github.com/dacyborg87/cybersecurity-labs","last_synced_at":"2026-05-09T16:40:37.034Z","repository":{"id":316150104,"uuid":"1057686410","full_name":"dacyborg87/Cybersecurity-Labs","owner":"dacyborg87","description":"Collection of my cybersecurity homelab projects","archived":false,"fork":false,"pushed_at":"2025-09-23T00:12:03.000Z","size":1173,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-23T01:18:58.330Z","etag":null,"topics":["home-lab","home-lab-dashboard","home-lab-detections","kali-linux","linux","siem","suricata","sysmon","threat-hunting","ubuntu","ubuntu-server","wazuh","wazuh-agent","windows","windows-11"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dacyborg87.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-16T04:37:34.000Z","updated_at":"2025-09-23T00:19:32.000Z","dependencies_parsed_at":"2025-09-23T01:18:59.661Z","dependency_job_id":"94ac7d7b-edae-4582-b49a-d344ea86a43d","html_url":"https://github.com/dacyborg87/Cybersecurity-Labs","commit_stats":null,"previous_names":["dacyborg87/cybersecurity-labs"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/dacyborg87/Cybersecurity-Labs","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dacyborg87%2FCybersecurity-Labs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dacyborg87%2FCybersecurity-Labs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dacyborg87%2FCybersecurity-Labs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dacyborg87%2FCybersecurity-Labs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dacyborg87","download_url":"https://codeload.github.com/dacyborg87/Cybersecurity-Labs/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dacyborg87%2FCybersecurity-Labs/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002104,"owners_count":26083307,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["home-lab","home-lab-dashboard","home-lab-detections","kali-linux","linux","siem","suricata","sysmon","threat-hunting","ubuntu","ubuntu-server","wazuh","wazuh-agent","windows","windows-11"],"created_at":"2025-10-09T22:18:32.960Z","updated_at":"2025-10-09T22:18:47.294Z","avatar_url":"https://github.com/dacyborg87.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cybersecurity Labs  \n\nA collection of my hands-on cybersecurity projects, built in my home lab to practice **SOC analyst workflows, detection engineering, and incident response**.  \n\nI use this repo to document my learning process, share configurations, and showcase detection techniques aligned with the **MITRE ATT\u0026CK framework**.  \n\n---\n\n## 🔹 Lab Overview  \n\n- **SIEM:** Wazuh (log collection, alerting, correlation)  \n- **IDS:** Suricata (network intrusion detection, custom rule writing)  \n- **Endpoints:** Windows 11 VM (with Sysmon), Ubuntu/Kali Linux  \n- **Networking Tools:** Nmap, Wireshark  \n- **Scripting:** PowerShell, Bash  \n\n---\n\n## 🔹 Projects  \n\n### 1. Home SOC Lab: Wazuh SIEM  \n- Deployed Wazuh for centralized log collection.  \n- Integrated Windows (Sysmon) and Linux endpoints.  \n- Built detection rules mapped to MITRE ATT\u0026CK (brute force, privilege escalation, persistence).  \n- **Skills:** SIEM, Log Analysis, Incident Response.  \n \n\n---\n\n### 2. Suricata IDS \u0026 Custom Rule Writing  \n- Deployed Suricata to monitor network traffic.  \n- Wrote custom rules to detect:  \n  - Brute force attempts  \n  - Port scanning  \n  - Suspicious PowerShell activity  \n- Tuned alerts to reduce false positives.  \n- **Skills:** IDS/IPS, Detection Engineering, Network Security.   \n\n---\n\n### 3. Windows Event Logging with Sysmon  \n- Configured Sysmon for advanced event collection.  \n- Forwarded logs to Wazuh for correlation.  \n- Detected simulated persistence and lateral movement.  \n- **Skills:** Sysmon, Windows Event Logging, Threat Detection.  \n\n---\n\n### 4. Threat Detection Playbook  \n- Documented detection and response workflows for:  \n  - Brute force login attempts  \n  - Malware execution  \n  - Privilege escalation  \n- Created repeatable incident response steps.  \n- **Skills:** Threat Hunting, MITRE ATT\u0026CK, Incident Response.  \n\n---\n\n### 5. Network Scanning \u0026 Reconnaissance  \n- Conducted scans with Nmap to discover open ports \u0026 services.  \n- Simulated attacker reconnaissance.  \n- Compared results with vulnerability scans.  \n- **Skills:** Nmap, Recon, Vulnerability Testing.  \n\n---\n\n## 🔹 How to Use This Repo  \n\n- Each folder contains documentation, configs, and screenshots for a lab.  \n- Files are organized so others can reproduce the labs in their own environment.  \n- Example workflow:  \n  1. Review project README.  \n  2. Deploy VM(s).  \n  3. Import configuration files.  \n  4. Recreate detection \u0026 analyze alerts.  \n\n---\n\n## 🔹 Roadmap  \n\n- Add more MITRE ATT\u0026CK technique coverage  \n- Expand Suricata rules (HTTP, DNS, C2 detection)  \n- Integrate Elastic Stack dashboards  \n- Document incident response “case studies”  \n\n---\n\n## 🔹 Author  \n\n**Dominic “DJ” Jones**  \n- Aspiring Tier 1 SOC Analyst (San Antonio, TX)  \n- Currently working toward **CompTIA A+ \u0026 Security+**  \n- Building hands-on skills in detection engineering \u0026 incident response  \n\n🔗 [Connect with me on LinkedIn](https://linkedin.com/in/)  \n🔗 [More projects coming soon]  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdacyborg87%2Fcybersecurity-labs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdacyborg87%2Fcybersecurity-labs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdacyborg87%2Fcybersecurity-labs/lists"}