Portfolio

Simulated identity-based attacks in Microsoft 365 and Azure environments, including MFA failures, phishing, and impossible travel.

FIN7 emulation setup guide: Deploy red & blue team labs with Gophish, Sysmon, Splunk, & EDR to test endpoint threat detection.

Purple Team slashed detection to <1 min, containment to 5 mins, and cut financial risk by $58K/incident with enhanced endpoint detection.

Blue Team achieved 100% endpoint threat detection, <1 min C2 detection, 5 min containment, and reduced financial risk by $58K per incident.

Red Team endpoint attack evaded defenses, achieved 100% payload execution, established C2, exposing critical endpoint detection gaps.

Purple Team phishing simulation cut detection time to 5 min, reduced risk by $80K/attack & strengthened SIEM & automation.

Blue Team enhanced phishing detection, cutting response time to 5 min, improving SIEM alerts, and strengthening endpoint visibility.

Red Team phishing test bypassed security, achieved 100% email delivery, 50% execution, & identified SIEM gaps in C2 traffic logging.

Step-by-step home lab guide for Red, Blue & Purple Team phishing simulations, covering setup, attack execution, and detection tuning.