Skip to content
View DurgaRamireddy's full-sized avatar
🎯
Focusing
🎯
Focusing

Block or report DurgaRamireddy

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
DurgaRamireddy/README.md

Hey there, I'm Durga!

I am a Master's graduate student in Cybersecurity with hands-on experience in SOC operations, threat intelligence, applied cryptography, and OT/ICS security. I build and analyze security labs focused on network monitoring, threat investigation, and encryption systems, and I share my work here to demonstrate practical cybersecurity skills. I am currently seeking an opportunities to begin my career as a SOC Analyst where I can contribute to security monitoring, threat detection, and incident investigation.

🛠 Skills & Tools

  • SIEM & Threat Detection: Splunk Enterprise, SPL, HTTP Event Collector (HEC), Security Onion, Kibana, Zeek, Suricata, IDS/IPS
  • Incident Response & Forensics: Windows Event Log Analysis, Linux Log Analysis, PowerShell Forensics, Packetbeat, IOC Extraction, Attack Timeline Reconstruction
  • Threat Intelligence: MITRE ATT&CK (Enterprise + ICS), APT Research, Attack Reconstruction, Threat Reporting
  • Network & Endpoint Security: Wireshark, Nmap, Packet Analysis, Firewall Concepts, TCP/IP
  • OT / ICS Security: SCADA Systems, Modbus Protocol, LogixPro, Security Onion for OT
  • Offensive Tools (Lab Use): Kali Linux, Hydra, GoPhish, Metasploit concepts
  • Cryptography: AES, Classical Cipher Analysis, CrypTool 2, OpenSSL
  • Cloud & Platforms: AWS (Cloud Practitioner), Ubuntu, Windows 10, VMware

📂 Projects

SOC & Network Analysis

  • Splunk HOME SOC Detection Lab - End-to-End Alert Lifecycle - Deployed Splunk Enterprise on Ubuntu as a SIEM, engineered a Windows log forwarding pipeline via HTTP Event Collector (HEC), simulated a multi-stage attack chain from Kali Linux (brute force + PowerShell persistence), detected all attack stages using SPL queries, and documented findings in a formal incident report mapped to MITRE ATT&CK (T1110, T1078, T1059.001, T1547).
  • Phishing Simulation & SOC Investigation Lab - Deployed GoPhish on Ubuntu to run a credential harvesting campaign against a Windows victim, captured credentials via a spoofed IT portal, and investigated the full attack chain in Splunk using EventID 4688 parent-child process analysis. Mapped to MITRE ATT&CK T1566.002, T1204.001, T1078, T1056.003.
  • Home SOC Lab - Simulated Intrusion & Privilege Escalation Investigation – Simulated intrusion using Kali and Ubuntu to investigate SSH brute-force activity, analyze authentication logs, and detect privilege escalation through sudo misconfiguration.
  • Security Onion Lab - Network monitoring and IDS deployment using Zeek and Suricata to analyze network traffic and detect potential attacks.
  • PowerShell Lotl Investigaton Lab - Host-based attack investigation focusing on persistence techniques and IOC identification.
  • Vulnerable Web Server Traffic Analysis Lab - Malicious traffic investigation using Kibana and Packetbeat with remediation recommendations.

Threat Intelligence

  • Sandworm APT Analysis - Research and technical analysis of the Sandworm threat group, including attack reconstruction and MITRE ATT&CK mapping.

Security Risk & Governance

  • Crown Jewel Security Analysis - Insider threat risk analysis of Tesla intellectual property using the Bowtie risk model to evaluate threats, consequences, and security controls.

Applied Cryptography

OT / ICS Security

Certifications

📫 Connect with Me

Pinned Loading

  1. Phishing-Simulation-SOC-Investigation-Lab Phishing-Simulation-SOC-Investigation-Lab Public

    End-to-end phishing simulation and SOC investigation lab - deploying GoPhish credential harvesting infrastructure and detecting execution via Windows EventID 4688 parent-child process analysis in S…

  2. Splunk-HOME-SOC-Detection-Lab---End-to-End-Alert-Lifecycle Splunk-HOME-SOC-Detection-Lab---End-to-End-Alert-Lifecycle Public

    End-to-end SOC detection lab built on Splunk Enterprise - simulating a multi-stage attack across Kali, Windows 10, and Ubuntu, with SPL detection queries, a 4-panel dashboard, and formal incident …

    1

  3. Home-SOC-Lab---Simulated-Intrusion-Privilege-Escalation-Investigation Home-SOC-Lab---Simulated-Intrusion-Privilege-Escalation-Investigation Public

    Simulated SSH brute-force intrusion and privilege escalation investigation using Kali Linux and Ubuntu, analyzed from a SOC analyst perspective.

    1

  4. PowerShell-LotL-Investigation-Lab PowerShell-LotL-Investigation-Lab Public

    Endpoint investigation of a PowerShell LotL attack reconstructing persistence via Windows services, extracting IOCs, and mapping to MITRE ATT&CK using Kibana and Windows event logs.

  5. Sandworm-APT-Analysis Sandworm-APT-Analysis Public

    Threat intelligence analysis of Sandworm APT campaigns against Ukraine's power grid, reconstructing attack chains and mapping TTPs to MITRE ATT&CK ICS framework

  6. Security-Onion-Lab Security-Onion-Lab Public

    Network security monitoring lab using Zeek and Suricata to analyze a malicious PCAP dataset, triage IDS alerts, and map findings to MITRE ATT&CK