Hello, I'm Agata Gabara, a cybersecurity enthusiast focused on Security Operations (SOC), Threat Hunting, Detection Engineering, Incident Response, and Blue Team Operations.
This repository serves as a central hub for my cybersecurity projects, hands-on labs, and security investigations developed using Splunk Enterprise, Sysmon, Windows Event Logs, Sigma Rules, and MITRE ATT&CK.
| Project | Focus Area |
|---|---|
| Microsoft Defender Security Analytics | Security Analytics, Power BI, Python ETL, SQL |
| Splunk SOC Lab | Security Monitoring & SOC Operations |
| Splunk Detection Engineering Lab | Detection Engineering & Validation |
| Threat Hunting Lab | Threat Hunting & Investigation |
| Incident Response Lab | Incident Handling & Analysis |
| Windows Forensics Lab | Digital Forensics |
| Autopsy Insider Investigation | Digital Forensics & Insider Threat Investigation |
| Active Directory Security Lab | Authentication & Privileged Access Monitoring |
| Sigma Detection Lab | Sigma Rule Development |
| Detection-as-Code Lab | Detection Engineering & Rule Management |
| Purple Team Lab | Adversary Simulation & Detection Validation |
| Malware Analysis Lab | Malware Analysis & YARA |
| Lumma Stealer Network Analysis | Malware Network Traffic Analysis |
| Network Traffic Analysis | Wireshark, PCAP Analysis & Network Forensics |
| Microsoft Sentinel SOC Lab | SIEM, KQL, Threat Hunting, Detection Engineering |
- Splunk Detection Engineering Lab
- Detection-as-Code Lab
- Sigma Detection Lab
- Threat Hunting Lab
- Purple Team Lab
- Incident Response Lab
- Windows Forensics Lab
- Active Directory Security Lab
- Malware Analysis Lab
- Splunk Enterprise
- Windows Event Logs
- Sysmon
- Splunk SPL
- Sigma Rules
- Detection-as-Code
- YARA Rules
- IOC Investigation
- Endpoint Telemetry Analysis
- Windows Security Event Analysis
- Security Investigation
- Event Correlation
- Forensic Analysis
- Detection Validation
- MITRE ATT&CK
- Security Monitoring
- Threat Detection
- Threat Hunting
- Detection Engineering
- Incident Response
- Windows Forensics
- Active Directory Security
- Malware Analysis Fundamentals
- Blue Team Operations
- Microsoft Defender Security Analytics https://github.com/ag48665/microsoft-defender-security-analytics
- Microsoft Sentinel SOC Lab https://github.com/ag48665/Microsoft-Sentinel-SOC-Lab
- Splunk SOC Lab https://github.com/ag48665/Splunk-SOC-Lab
- Splunk Detection Engineering Lab https://github.com/ag48665/Splunk-Detection-Engineering-Lab
- Splunk Detection Library https://github.com/ag48665/Splunk-Detection-Library
- Microsoft Sentinel
- Azure Log Analytics
- Splunk Enterprise
- Windows Event Logs
- Sysmon
- Threat Hunting Lab https://github.com/ag48665/Threat-Hunting-Lab
- Sigma Detection Lab https://github.com/ag48665/Sigma-Detection-Lab
- Detection-as-Code Lab https://github.com/ag48665/Detection-as-Code-Lab
- Purple Team Lab https://github.com/ag48665/Purple-Team-Lab
- Incident Response Lab https://github.com/ag48665/Incident-Response-Lab
- Windows Forensics Lab https://github.com/ag48665/Windows-Forensics-Lab
- Autopsy Insider Investigation https://github.com/ag48665/autopsy-insider-investigation
- Malware Analysis Lab https://github.com/ag48665/Malware-Analysis-Lab
- Lumma Stealer Network Analysis https://github.com/ag48665/lumma-stealer-network-analysis
- Network Traffic Analysis https://github.com/ag48665/network-traffic-analysis
- Active Directory Security Lab https://github.com/ag48665/Active-Directory-Security-Lab
Currently developing practical experience in:
- SOC Operations
- Threat Detection
- Threat Hunting
- Detection Engineering
- Incident Response
- Security Monitoring
GitHub: https://github.com/ag48665
LinkedIn: https://www.linkedin.com/in/agatha-gabara-06494a37/
Agata Gabara
Cybersecurity Analyst | SOC Analyst | Threat Hunter