Welcome to my GitHub portfolio! I'm a passionate cybersecurity professional specializing in SOC analysis, with a strong background in security operations and penetration testing. My journey in cybersecurity is fueled by a continuous thirst for knowledge and a dedication to making the digital world a safer place.

With hands-on experience in monitoring and responding to security incidents using tools like Splunk and various vulnerability assessment platforms, I am committed to identifying and mitigating threats. Ranked in the top 1% on TryHackMe and among the top 50 in the UAE, I aim to contribute to meaningful cybersecurity projects and share knowledge with the community, particularly in the realm of SOC operations.

"This portfolio is a work in progress, and I will continue to update it with new projects, skills, and certifications as I grow in my cybersecurity career."

• Name: Mahar Hassain K K

• Role: Cybersecurity Analyst | SOC Analyst | Penetration Tester

• Experience: 1 years in Cybersecurity

• Location: Dubai, United Arab Emirates

• Specializations: Security Operations Center • SIEM • VAPT • Compliance Management • Cyber Threat Intelligence (CTI)

• Email: [email protected]

• LinkedIn: LinkedIn-Profile

• Medium Blog/Writeups: Medium-Maharkk

• Current Focus: Working on enhancing my skills in SOC analysis, with a strong passion for safeguarding critical systems and responding to security incidents.

B.Tech in Computer Science (Honors), Major: Cybersecurity
Lovely Professional University, Punjab, India
Graduated: 2023
CGPA: 7.41 / 10

Cybersecurity Trainee: SOC Analyst
Red Team Hacker Academy, Kerala, India
Duration: 7 months

• Gained hands-on experience in security operations, monitoring, incident response, and penetration testing.
• Conducted vulnerability assessments and simulated attacks to evaluate system security.
• Worked with various tools and techniques for threat detection, analysis, and ethical hacking.

Cybersecurity Intern
Prodigy InfoTech (Remote)
Duration: 1 months

• Working on practical cybersecurity projects, including encryption tools, password complexity checkers, keyloggers, and network packet analyzers.
• Gaining hands-on experience in encryption techniques, network security, and ethical hacking.
• Contributing to the development of security tools and techniques for real-world application.

• Profile: TryHackMe - Maharkk

🏆= Rank 🔥= Streak 🏅= Badges Earned 🚪= Rooms Completed

🏅Notable Badges Acquired

90 Day Streak Owasp Top 10 Mr. Robot Linuxpriesc Hash Cracker Burp Suite FlareVM Phishing Boogeyman

• Expertise in SIEM, SOC monitoring, log analysis, Snort, osquery, and security automation.

• Skilled in techniques and tools like Splunk, Yara, Sysmon, Wazuh, Zeek, and Brim.

• Hands-on experience with incident handling, response strategies, threat detection, and recovery processes.

• Proficient in identifying, analyzing, and responding to emerging threats.

• Experienced with tools such as OpenVAS, Nessus, WPScan, and Arachni.

• Proficient in Metasploit Framework, Burp Suite, Nmap, Wireshark, NetworkMiner, and John the Ripper.

• Malware Analysis, Digital Forensics, Phishing Analysis, and Compliance Management.

• Languages:
  • Python: Automation, scripting, and development of security tools.
  • Bash: Scripting in Unix/Linux environments and automation tasks.
  • PowerShell: Windows system administration and scripting.
  • JavaScript: Web application security assessments.
  • SQL: Database querying and security testing.

• Windows: Extensive experience with various versions for penetration testing, incident response, and system administration.
• Linux: Proficient in distributions such as Kali Linux, Parrot, and Ubuntu for security assessments, scripting, and server management.

• Description: Developed a simple image encryption tool using pixel manipulation techniques. The tool allows users to encrypt and decrypt images by performing operations like swapping pixel values or applying a basic XOR operation to each pixel. This project demonstrates basic image encryption and decryption methods, showcasing practical applications of pixel-level manipulations in image security.
• Tools Used: Python, PIL (Pillow), NumPy
• GitHub Repo: GitHub repository

• Description: Developed a packet sniffer tool that captures and analyzes network packets, displaying relevant information such as source and destination IP addresses, protocols, and payload data. The tool ensures ethical use by including a disclaimer and obtaining user consent before starting packet capture. This project demonstrates practical skills in network monitoring and packet analysis for educational purposes.
• Tools Used: Python, Scapy
• GitHub Repo: GitHub repository

• Description: Created a Python program that implements the Caesar Cipher algorithm for encrypting and decrypting text. The program allows users to input a message and a shift value to perform both encryption and decryption operations. This tool demonstrates the basic principles of classical encryption techniques and provides a practical example of how to apply the Caesar Cipher in text processing.
• Tools Used: Python
• GitHub Repo: GitHub repository

• Certified SOC Analyst (CSA)

  • EC-Council - 2024
  • Certificate

• Certified IT Infrastructure and Cyber SOC Analyst V3 (CICSA)

  • Red Team Hacker Academy - 2024
  • Certificate

• SOC Level 1

  • TryHackMe - 2024
  • Certificate

• Jr Penetration Tester

  • TryHackMe - 2024
  • Certificate

• Learn Ethical Hacking From Scratch 2024

  • zSecurity, Udemy - 2024
  • Certificate

• Rank: Achieved a position in the top 1% of users globally and among the top 50 in the UAE.
• Level: Currently at max Level: GOD.
• Highlights: Successfully completed various learning paths, maintained a consistent streak for over Five months, and earned numerous badges for achievements and milestones. TryHackMe's hands-on challenges have been pivotal in advancing my cybersecurity skills.

• Tasks Completed: Over 5,000 tasks.
• Skills Demonstrated: Data analysis, security, and attention to detail.
• Recognition: Received incentives for the successful completion of bug bounties and data labeling tasks, showcasing my commitment to meticulous work.

• Internship Duration: 6 months.
• Focus Areas: Cloud technologies and DevOps practices.
• Skills Acquired: Enhanced proficiency in Agile Methods, AWS, Docker, Terraform, and other cloud and DevOps tools.
• Experience: Gained hands-on experience and contributed to real-world projects, improving my understanding of cloud infrastructure and development practices.

Explore more of my insights and analyses on cybersecurity and related topics on my Medium profile. Below are a few highlighted pieces:

• How TryHackMe Transformed My Cybersecurity Journey - Blog
  A deep dive into learning paths, streaks, badges, and global ranking.
  Read More

• Exploiting PHP Loose Comparison Vulnerabilities: The Magic Hash Attack(Web)
  Explore The Magic Hash Attack exploits PHP's loose comparisons, enabling attackers to bypass security checks using specific hash values.
  Read More

• Exploiting the NAPPING 1.0.1 VulnHub Machine: A Comprehensive Guide
  The successful exploitation of the NAPPING: 1.0.1 VulnHub machine illustrates the intricacies of penetration testing Read More

For the latest and more comprehensive content, visit my Medium profile regularly for updates.

I am committed to continuous improvement and staying at the forefront of cybersecurity. In the near future, I plan to focus on the following areas:

• SOC Operations: Deepening my understanding of Security Operations Center (SOC) processes, including incident detection, analysis, and response.
• Advanced Penetration Testing: Enhancing skills in sophisticated attack techniques and exploitation methods.
• Cloud Security: Gaining deeper knowledge of securing cloud environments and understanding cloud security best practices.
• DevSecOps: Integrating security practices into DevOps processes to ensure robust and secure software development.
• Threat Intelligence: Developing expertise in gathering, analyzing, and applying threat intelligence to enhance security posture.
• Attacking and Defending AWS: Building skills in securing and attacking Amazon Web Services (AWS) environments to better understand cloud vulnerabilities and defenses.

I am eager to apply these skills and knowledge to future projects and challenges.

I'm always open to discussing cybersecurity, sharing knowledge, and collaborating on projects. Feel free to reach out to me via LinkedIn, Email, or Medium.

This portfolio is a work in progress, and I will continue to update it with new projects, skills, and certifications as I grow in my cybersecurity career.