Skip to content
View yigit006's full-sized avatar

Highlights

  • Pro

Block or report yigit006

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
yigit006/README.md

Hi, I'm Yiğit 👋

Mathematics & Computer Science student applying statistics to threat detection.

I work on the blue-team side of security — detection engineering, threat hunting and threat intelligence — and I like problems where math actually earns its keep: separating malicious network behavior from noise, scoring risk, correlating weak signals into campaigns.

  • 🎓 3rd-year Mathematics & Computer Science @ Eskişehir Osmangazi University
  • 🛡️ CTI Academy PRISM certified (Cyber Threat Intelligence) · Siber Vatan cybersecurity program trainee
  • 🤝 General Coordinator @ ESOGÜ MACS — organized technical events with speakers from Picus Security, Trendyol, Unico Studio and more
  • 📫 LinkedIn · yigit.yucel.official@gmail.com

🔭 Featured Projects

heartbeat-hunter — Statistical C2 Beacon Detection Engine

Detects jittered command-and-control beaconing in network flow data using pure statistics — no signatures, no ML black box. Robust time-series analysis (dominant-cluster CV, MAD, Schuster periodogram), Bayesian composite scoring and graph-based campaign correlation, mapped to MITRE ATT&CK T1071 / T1573.

Evaluated on the CTU-13 botnet dataset: composite scoring improved the first-true-C2 rank in every scenario, and campaign correlation surfaced the real C2 server as rank #1 among 94 candidates in a 10-bot scenario. Ships with CI, tests, a JSON-output CLI for SIEM integration and a Streamlit dashboard.

Python pandas networkx SciPy Streamlit Zeek/NetFlow

sentinel_ai — Local-AI-Assisted Security Testing Tool (2-person team)

Desktop app that turns natural-language prompts into pentest commands via a local LLM (Qwen 2.5 3B / Ollama) and a two-stage intent-resolution pipeline, with a Dockerized backend orchestrating Nmap, Gobuster, Nikto and Hydra. My side: PyQt6 UI, process manager, and the security/privilege layer (pkexec, gated structured command execution, defusedxml).

Python PyQt6 Docker Ollama

Guvenlik-Yardimcisi — Desktop Security Analysis & PII Detection

4-module Windows security suite: cross-view rootkit/hidden-process detection, memory analysis, ADS detection, PII scanning (TCKN, Luhn-validated cards, IBAN) across office documents, and URL reputation via VirusTotal / URLhaus / urlscan.io — behind a weighted risk-scoring and correlation engine.

Python CustomTkinter VirusTotal API


🧪 Labs & Write-ups

  • wazuh-siem-docs — Multi-VM Wazuh SIEM lab (Manager/Indexer/Dashboard, Windows + Linux agents); SSH brute-force simulated with Hydra and detected through Wazuh alerts. Reproducible bilingual guide.
  • snort-ubuntu-setup — Snort IDS compiled from source + ClamAV; custom ICMP rules validated, EICAR signature detection confirmed.
  • Cryptosteganography — LSB image steganography combined with XOR and AES encryption.

🛠️ Toolbox

Detection & monitoring: Wazuh · Snort · Zeek · Wireshark · NetFlow analysis · MITRE ATT&CK Analysis: statistical & behavioral detection · C2/beacon hunting · threat intelligence Code: Python (pandas, networkx, PyQt6, Streamlit) · Bash · MATLAB Infra: Linux (Ubuntu, Kali) · Windows · Docker · Git · CI/CD


Currently looking for a cybersecurity internship — SOC, threat hunting, detection engineering or threat intelligence.

Pinned Loading

  1. heartbeat-hunter heartbeat-hunter Public

    Statistical C2 beacon detection engine — robust time-series analysis, composite scoring and graph-based campaign correlation, evaluated on CTU-13 (Zeek/NetFlow)

    Python

  2. sentinel_ai sentinel_ai Public

    Bu proje, Linux tabanlı siber güvenlik taramalarını Hibrit Yapay Zeka (Local Llama + OpenAI) mimarisiyle akıllı hale getirmeyi amaçlar. Sistem, terminal araçlarını modern bir arayüzde yönetir, çıkt…

    Python 1

  3. Guvenlik-Yardimcisi Guvenlik-Yardimcisi Public

    Python ve CustomTkinter ile geliştirilmiş çok modüllü güvenlik tarama ve PII tespit aracı.

  4. Cryptosteganography Cryptosteganography Public

    A visual message-hiding project using LSB, XOR and AES

    Jupyter Notebook

  5. Creating-an-experimental-environment Creating-an-experimental-environment Public

    Roff

  6. Linux-Commands Linux-Commands Public

    Basic Linux commands: with explanations in Turkish and English.

    1