// PROJECT DEEP DIVES

Not just what I built, but why and how

Three of my labs, explained the way I would in an interview: the real problem they tackle, my approach, and the skills they put on the table.

Blue TeamSOCKQL

Threat Hunting Lab (Mini-SIEM)

The context

In a SOC, the difference between catching an intrusion and missing it comes down to knowing how to ask the logs the right questions. I wanted an environment to train that muscle β€”query-driven threat huntingβ€” without deploying a full SIEM.

The challenge

Build a browser-playable mini-SIEM: a set of logs with an attack hidden in the noise, and a console where the analyst writes KQL-style queries to isolate the actor.

My approach

What it demonstrates

Open the lab β†’
Red TeamActive Directory

BloodHound AD Simulator

The context

Almost every company runs on Active Directory, and almost all of them have hidden attack paths: a chain of misconfigured permissions leading from any user to Domain Admin. Understanding how the attacker thinks is the best way to defend it.

The challenge

Recreate the BloodHound experience β€”enumerate a domain and find the shortest path to full controlβ€” in a visual, interactive simulator.

My approach

What it demonstrates

Open the lab β†’
ArquitecturaGRC

Secure Architecture Designer

The context

Security does not start at the firewall, it starts at design. Translating business requirements (size, budget, compliance) into a defensible architecture is a senior-level skill I wanted to demonstrate tangibly.

The challenge

A tool that, from a few parameters, generates a tailored security architecture: diagram, recommended controls and a cost estimate.

My approach

What it demonstrates

Open the lab β†’