Project Write-Ups

Documented security work — real-world defensive deployments, offensive lab research, and IT management projects. Each project includes an executive summary, technical walkthrough, and detailed methodology.

// Defensive Deployments — Real-World
Defensive

SentinelOne EDR Deployment

100-endpoint EDR rollout for a manufacturing environment — staged deployment, behavioral AI policy design, IR playbook creation, MTTR reduction 48hr→6hr, 5 breaches contained.

10–15 min read · Endpoint Security

Defensive

FortiGate NGFW Multi-Site Refresh

Replaced EOL SonicWall appliances at 3+ sites. FortiManager centralized policy, VLAN segmentation, IPS with industrial signatures, IPsec VPN mesh, FortiAnalyzer log aggregation.

15–20 min read · Network Security

Defensive

M365 & Entra ID Zero Trust Hardening

12 Conditional Access policies, MFA enforcement for 100% of users, legacy auth blocked, PIM just-in-time elevation, Intune device compliance baseline across 100 users.

15–20 min read · Identity Security

Offensive Lab

Kerberoasting — Domain Compromise

Full AD attack chain from low-privilege domain user to DCSync. SPN enumeration, hash cracking, credential spraying, over-privileged service account, complete domain takeover.

15–20 min read · Active Directory Security

Offensive Lab

AS-REP Roasting Attack

Unauthenticated domain access via Kerberos pre-auth bypass. User enumeration with Kerbrute, hash extraction with Impacket GetNPUsers, cracked in under 2 minutes.

10–15 min read · Active Directory Security

Offensive Lab

WordPress Web Exploitation

External pentest of WordPress 5.0.0 — CVE-2020-8772 auth bypass, admin access without credentials, PHP reverse shell, PATH hijacking privilege escalation to root.

15–20 min read · Web Application Security

Lab Infrastructure

Homelab Build & Network Architecture

Proxmox VE hypervisor, 3 isolated network segments, AD domain (ad.lab), intentionally vulnerable targets — DVWA, WordPress 5.0, OWASP Juice Shop, WebGoat.

15–20 min read · Lab Infrastructure

Defensive

Incident Response & Breach Investigation

5 real security incidents investigated and contained as IT Manager — MTTR reduced from 48 hours to 6 hours through playbook development, SentinelOne deployment, and repeatable containment procedures.

12–15 min read · Incident Response

IT Management

Windows Infrastructure & Active Directory Management

Full Windows infrastructure stack for 100 users across 4 manufacturing sites — Active Directory, Group Policy, Windows Server, M365 hybrid deployment, patch management at 95% compliance, and Datto BCDR.

10–14 min read · System Administration

Contract Work

MSP — Multi-Site Field Deployments

Solo contractor deploying UniFi network infrastructure, EDR, and RMM at 4 dental clinic sites across Canada.

10–12 min read · Field Deployment