I'm a Computer Science student (4/8) based in Brazil, building hands-on skills in cybersecurity, SOC operations, and infrastructure monitoring.
My focus is on the defensive side of security — detecting real attacks, analyzing network traffic, and building functional lab environments that mirror production SOC workflows.
- 🎓 B.Sc. Computer Science — currently in 4th semester
- 🛡️ Focus areas: SOC Operations · Threat Detection · Incident Response
- 🔬 Currently building: homelab environments with Wazuh/Elastic Stack, Zeek, Shuffle & Thehive
- 📚 Also studying: Network, Databases, C, Python
- 🌱 Learning on the side: English · Basketball
A hands-on SOC lab built to detect and analyze real security incidents.
This lab simulates a small SOC environment where I monitor, detect, create Rule and investigate security events end-to-end:
| Layer | Stack |
|---|---|
| infrastructure | Azure - Ubuntu server 22.04 |
| SIEM / EDR | Wazuh |
| Monitored endpoint | Windows 11 (+sysmon) |
| SOAR | Shuffle |
| Threat Intelligence | VirusTotal 3.1 |
| IR | TheHive |
Attack scenarios covered (MITRE ATT&CK):
T1003— Credential Dumping
This was my most recent project and the one where the concepts really clicked — from agent deployment and log collection to correlating alerts and investigating attacker behavior in a realistic monitored environment.
A functional SOC environment running on a single VM with only 3.2 GB RAM.
Network Sentinel Lab simulates and detects real attack techniques in a controlled environment:
| Layer | Stack |
|---|---|
| SIEM / Logging | Elasticsearch · Kibana · Filebeat |
| IDS / NTA | Zeek 6.0 |
| Vulnerable target | Apache2 + PHP · MySQL |
| Infrastructure | Ubuntu Server 22.04 · VirtualBox |
| Automation | Bash scripting |
Attack scenarios covered (MITRE ATT&CK):
T1595— Active Scanning via Nmap → detected by Zeekconn.logT1190— SQL Injection against vulnerable web app → logged inattacks.log
Tools I work with: Elastic Stack (ELK) · Zeek · Nmap · Hydra · VirtualBox · Filebeat · Kibana
| Project | Description | Stack |
|---|---|---|
| SOC-Automation-Lab | Detection of Mitre Atack: T1003 | Wazuh + Shuffle + TheHive |
| 🛡️ Threat-Detection-Lab | SOC lab: attack detection with Zeek + ELK | Shell · Ubuntu · Elastic |
| 🎮 rpg-python | Text RPG to practice OOP concepts | Python |
| ⚔️ desafio-felix3224-2025 | 2025 technical challenge — problem solving & code organization | JavaScript |
| 🎓 University-studies | Projects and exercises from CS coursework | C |
"Security is not a product, but a process." — Bruce Schneier


