Hello, I'm Daryl Brooks and welcome to my professional portfolio!
20+ Years of Federal Civilian Service (United States Park Police/Federal Trade Commission/US Citizenship & Immigration Services/Social Security Administration/Cybersecurity Infrastructure Security Agency)
Career Plans: My goal is to pivot into the vulnerability management and analysis cybersecurity domain. I want to take raw prevalence & scanning data and transform it into meaningful insight in order to help organizations better understand their overall security posture.
TOOLS USED: Powershell, Windows Server 2008/2012, Kali Linux (Ubuntu), Nmap, Metasploit Framework, msfvenom, Python, Bash, Splunk Enterprise, Snort, Lynis, Wireshark, T-Shark, Steghide, HPing, OpenVas, Nessus, sguil, Zeek, Hydra, Hashcat, John The Ripper, IP Tables, ModSecurity, Python Pickle, Suricata, Pentbox Honeypot, Cyber Chef, Yara Rules, BruteDum, OWASP ZAP Scanner, Burpsuite, Wordpress, GoBuster, AWS, Iftop, OpenSSL, Binwalk, Docker, dnsspoof, arpspoof, DAVTest, WMAP, PSexec, FreeRDP, CrackMapExec, Kiwi, Mimikatz, Searchsploit, Linpeas, Certutil, Armitage, NetCat, Nikto, WPScan
TOOLS USED: Powershell, Windows Server 2008/2012, Kali Linux (Ubuntu), Nmap, Python, Bash, Splunk Enterprise, Snort, Lynis, Wireshark, T-Shark, Steghide, HPing, OpenVas, Nessus, sguil, Zeek, IP Tables, ModSecurity, Python Pickle, Suricata, Pentbox Honeypot, Cyber Chef, Yara Rules, OWASP ZAP Scanner, AWS, Iftop, OpenSSL, Binwalk, Docker, Linpeas, NetCat
TOOLS USED: Powershell, Windows Server 2008/2012, Kali Linux (Ubuntu), Nmap, Metasploit Framework, msfvenom, Python, Bash, Wireshark, T-Shark, Hydra, Hashcat, John The Ripper, ModSecurity, Python Pickle, BruteDum, OWASP ZAP Scanner, Burpsuite, Wordpress, GoBuster, dnsspoof, arpspoof, DAVTest, WMAP, PSexec, FreeRDP, CrackMapExec, Kiwi, Mimikatz, Searchsploit, Armitage, NetCat, Gophish, Curl, Nikto, WPScan
TOOLS USED: Nmap, Python, Bash, Snort, Lynis, Wireshark, T-Shark, OpenVas, Nessus, sguil, Zeek, OWASP ZAP Scanner, Iftop, Binwalk, Docker, WMAP, Linpeas, Burpsuite, Curl, Nikto, WPScan
• Project 27 - Conducting Log Analysis with Splunk
• Project 47 - Investigating Rogue Processes w/ Splunk
• Project 70 - Using Binwalk for file inspection
• Project 23 - Executing Local File Inclusion and Remote Code Execution with Burp Suite!
• Project 53 - Burpsuite Traffic Interception 101
• Project 54 - Conducting a Man-in-the-Middle Attack w/ Burpsuite
• Project 160 - Using Curl and Burpsuite To Enumerate Allowed HTTP Methods
• Project 161 - Exploring Site Mapping Techniques: Passive Crawling vs Active Spidering 🕷️
• Project 168 - Capture The Flag Edition: Finding and Exploiting A Vulnerable WordPress Plug-in
• Project 60 - Creating AWS EC2 Key Pairs and Managing Secrets with AWS Secrets Manager
• Project 61 - Creating Security Groups for AWS EC2 Instances
• Project 62 - AWS IAM and S3 Security Compliance Automation
• Project 63 - AWS CloudFormation Templates: Applying Changesets and Detecting Configuration Drift
• Project 162 - Restricting Port Access on an AWS EC2 for Enhanced Security
• Project 163 - Building A Virtual Machine & Restricting Port Access In Microsoft Azure
• Project 164 - Building A Virtual Machine & Restricting Port Access In Google Cloud Platform
• Project 04 - Packet Analysis with Tshark: Telnet vs. SSH
• Project 08 - Packet Analysis pt 2: Network Traffic Monitoring with Wireshark & Tcpdump
• Project 10 - More packet analysis with Hping
• Project 14 - Threat Hunting w/ Wireshark and sguil
• Project 17 - Hacking An Enterprise Network
• Project 18 - Detecting Port Scans w/ Wireshark
• Project 30 - Extracting and Analyzing Malicious Traffic with T Shark
• Project 33 - Using Wireshark Filters to Detect Indicators of Compromise
• Project 34 - Configuring Zeek for Network Security Analysis
• Project 35 - Network Security Analysis w/ Zeek
• Project 66 - Digital Forensic Techniques 101
• Project 01 - Essential Powershell Commands for System Administration and Enumeration
• Project 02 - Navigating with the Linux & Windows Command Line Interface (CLI)
• Project 28 - Recovering from a Malware Infection: Step by Step Guide
• Project 39 - Isolating Compromised Users and Hardening Active Directory Security
• Project 45 - Remediating Vulnerabilities Found with OpenVAS and Nessus Scanners
• Project 46 - Reverse Engineering Malware using Cyber Chef and Yara Rules
• Project 107 - What Exactly Is Meterpreter and How Can It Best Be Used For Post Exploitation Activities? 🔍
• Project 108 - Taking Screenshots of A Victim's Desktop and Other Post Exploitation Shenanigans!
• Project 109 - Bypassing User Account Control with Memory Injection Techniques
• Project 110 - Post Exploitation: Establishing Persistence on Windows Systems
• Project 111 - Enabling RDP Post Exploitation (Capture The Flag Edition)
• Project 112 - Fun With Keylogging
• Project 113 - Covering Our Tracks: Clearing Windows Event Logs
• Project 114 - Using Autoroute & Port Forwarding To Pivot
• Project 129 - Defacing A Website via Microsoft IIS FTP Compromise
• Project 131 - Multifaceted Approaches To Compromising SMB (Manual vs Automated)
• Project 156 - Dumping & Cracking Windows Password Hashes
• Social Media - Its Risks and How to Protect Your Child
• Small Size, Big Shield: How Small Businesses Can Be Cyber Ready
• SCADA Systems: Threats, Vulnerabilities, & Consequences
• My Cybersecurity Blogs
- Master of Science, Information Security Management (Bowie State University)
- Bachelor of Science, Management Information Systems (Delaware State University)
- CISA Federal Cybersecurity Skilling Academy - Cyber Defense Analyst and Vulnerability Analysis tracks
- Google Cybersecurity Professional Certificate
- Google IT Support Professional Certificate
- Google Project Management Professional Certificate
- IBM Cybersecurity Analyst Professional Certificate
- IBM IT Support Professional Certificate
• Certified Information Systems Security Professional (CISSP)
• eJPT - Junior Penetration Tester
• CompTIA CySA+
• CompTIA Security+
• Social Media Security Professional (SMSP) Powered by CompTIA
• Microsoft Certified: Security, Compliance, and Identity Fundamentals
• AKYLADE Certified Cyber Resilience Fundamentals (A/CCRF)
• ISO/IEC 27001:2022 Lead Auditor
• Security Analyst (SAL1) Certificate
• Fortinet Certified Associate Cybersecurity
• CompTIA A+
• CompTIA Network+
• ITILv3 Foundation
• ITSM Foundation based on ISO/IEC 20000
• DHS Section 508 Trusted Tester
• Bowie State University - System Analyst Certificate
• AWS Certified Cloud Practitioner
• Microsoft Certified: Azure Fundamentals
• Microsoft Certified: Azure Data Fundamentals
• CompTIA Cloud Essentials+
• AWS Certified AI Practitioner
• Microsoft Certified: Azure AI Fundamentals
• AKYLADE AI Security Foundation (A/AISF)
• ISO/IEC 42001:2023 Lead Auditor
• Google AI Essentials
• Project Management Professional (PMP)
• Lean Six Sigma Green Belt
• Certified SAFe® 6 Release Train Engineer
• Certified Scrum Master (CSM)
• Professional Scrum Master™ I (PSM I)
• CompTIA Project+
• Agile Scrum Foundation