The lab
A record of the hands-on labs I've worked through: forensic investigations, detection and monitoring, and network defense. It's laid out the way I'd read it on the job, newest at the top, severity on the left. Click a line to open it.
Hands-on labs
Completed lab work from my coursework and independent study. Open any entry to read the setup, what I did, and what I found. Framed as hands-on lab experience, not production tooling.
Try it yourself
Three short exercises set at Flexin Watches, a made-up watch company. Work an alert queue, read a packet capture, and hunt the red flags in a phishing email. No sign-up, nothing to install. Just click in.
1 · SIEM triage
You’re the Tier-1 analyst on shift. Each alert needs a call: escalate, investigate, or close. Some look scarier than they are, and one quiet one isn’t quiet at all.
2 · Packet capture
A slice of traffic from a Flexin workstation during a suspected data theft. Read it the way you would in Wireshark: click a packet to open its detail and see what made it evidence.
tcp.stream eq 4 || ftp-data || tcp.flags.reset == 1
3 · Spot the phish
This email landed in a Flexin employee’s inbox. Click every part you think is a red flag. The panel keeps score, and each flag explains itself once you find it.
That’s the full set. Real phishing rarely trips all of these at once, but any one of them is enough to slow down and verify before clicking.