Skip to content
View felix3224's full-sized avatar
🌴
On vacation
🌴
On vacation

Highlights

  • Pro

Block or report felix3224

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
felix3224/README.md

Typing SVG


🧑‍💻 About Me

I'm a Computer Science student (4/8) based in Brazil, building hands-on skills in cybersecurity, SOC operations, and infrastructure monitoring.

My focus is on the defensive side of security — detecting real attacks, analyzing network traffic, and building functional lab environments that mirror production SOC workflows.

  • 🎓 B.Sc. Computer Science — currently in 4th semester
  • 🛡️ Focus areas: SOC Operations · Threat Detection · Incident Response
  • 🔬 Currently building: homelab environments with Wazuh/Elastic Stack, Zeek, Shuffle & Thehive
  • 📚 Also studying: Network, Databases, C, Python
  • 🌱 Learning on the side: English · Basketball

🛡️ Featured Project — SOC-Automation | Wazhu | Shuffle | TheHive

A hands-on SOC lab built to detect and analyze real security incidents.

Wazuh SOAR IR

This lab simulates a small SOC environment where I monitor, detect, create Rule and investigate security events end-to-end:

Layer Stack
infrastructure Azure - Ubuntu server 22.04
SIEM / EDR Wazuh
Monitored endpoint Windows 11 (+sysmon)
SOAR Shuffle
Threat Intelligence VirusTotal 3.1
IR TheHive

Attack scenarios covered (MITRE ATT&CK):

  • T1003 — Credential Dumping

This was my most recent project and the one where the concepts really clicked — from agent deployment and log collection to correlating alerts and investigating attacker behavior in a realistic monitored environment.


🔐 Featured Project — Threat Detection Lab

A functional SOC environment running on a single VM with only 3.2 GB RAM.

Repo Status Elastic Stack Zeek

Network Sentinel Lab simulates and detects real attack techniques in a controlled environment:

Layer Stack
SIEM / Logging Elasticsearch · Kibana · Filebeat
IDS / NTA Zeek 6.0
Vulnerable target Apache2 + PHP · MySQL
Infrastructure Ubuntu Server 22.04 · VirtualBox
Automation Bash scripting

Attack scenarios covered (MITRE ATT&CK):

  • T1595 — Active Scanning via Nmap → detected by Zeek conn.log
  • T1190 — SQL Injection against vulnerable web app → logged in attacks.log

🛠️ Tech Stack

Security & Infra

Linux Bash VirtualBox Azure Wazuh

Languages

Python C JavaScript

Data & Tools

MySQL Git GitHub

Tools I work with: Elastic Stack (ELK) · Zeek · Nmap · Hydra · VirtualBox · Filebeat · Kibana


📂 Repositories

Project Description Stack
SOC-Automation-Lab Detection of Mitre Atack: T1003 Wazuh + Shuffle + TheHive
🛡️ Threat-Detection-Lab SOC lab: attack detection with Zeek + ELK Shell · Ubuntu · Elastic
🎮 rpg-python Text RPG to practice OOP concepts Python
⚔️ desafio-felix3224-2025 2025 technical challenge — problem solving & code organization JavaScript
🎓 University-studies Projects and exercises from CS coursework C

📊 GitHub Stats


📫 Connect

LinkedIn TryHackMe Gmail GitHub


"Security is not a product, but a process." — Bruce Schneier

github contribution grid snake animation

Pinned Loading

  1. soc-wazuh-homelab soc-wazuh-homelab Public

    End-to-end SOC automation lab: Sysmon → Wazuh → Shuffle → TheHive. Detects and triages Credential Dumping (MITRE T1003) in real time, cutting MTTR to seconds.

    2

  2. Redes Redes Public

    Um repositório destinado aos estudos de redes e resoluções de atividades. Serve para aprendizado e revisão de futuras provas, trabalhos e Práticas no Cisco Packet Tracer.

    1

  3. rpg-python rpg-python Public

    An rpg to put into practice my know of POO. This go to be funny ;)

    Python 4

  4. Threat-Detection-Lab Threat-Detection-Lab Public

    Laboratório de SOC para monitoramento de ataques (Nmap, Hydra, SQLi) utilizando Ubuntu Server, Zeek e Elastic Stack (ELK).

    Shell 2