Open to opportunities
SOC Analyst · Penetration Tester

Mohammed Aslam.

I detect threats before they become breaches and find vulnerabilities before attackers do. Defending systems by thinking like an adversary.

SIEM & Log Analysis · Threat Hunting · Network Pentesting · Incident Response · Web App Security
01.

About Me

I'm Mohammed Aslam, a cybersecurity professional with a dual focus on SOC operations and penetration testing. I thrive at the intersection of offense and defense — understanding both sides makes me a stronger analyst and a more effective tester.

In my SOC role, I monitor security events, triage alerts, investigate incidents, and respond to threats in real time. On the offensive side, I conduct penetration tests to identify vulnerabilities in networks, web applications, and systems before malicious actors can exploit them.

I believe the best defenders think like attackers. My goal is to continuously sharpen both skill sets to stay ahead of an ever-evolving threat landscape.

Penetration Testing & Ethical Hacking
Security Operations & Incident Response
Vulnerability Assessment & Reporting
Network & Web Application Security
  focus_areas.txt
🛡️
SOC Analysis
SIEM · Alert Triage · Threat Detection
🔴
Penetration Testing
Network · Web App · Post-Exploitation
🔍
Incident Response
Triage · Containment · Forensics
📊
Threat Intelligence
OSINT · IOC Analysis · Reporting
02.

Skills & Tools

// SOC & Monitoring
Splunk · Microsoft Sentinel · ELK Stack · QRadar · Wazuh · Log Analysis · Alert Triage
// Penetration Testing
Metasploit · Burp Suite · Nmap · Nessus · Nikto · SQLMap · Hydra · Kali Linux
// Network & Forensics
Wireshark · tcpdump · Zeek · Volatility · Autopsy · PCAP Analysis
// Programming & Scripting
Python · Bash · PowerShell · YARA Rules · Regex · SQL
// Frameworks & Standards
MITRE ATT&CK · OWASP Top 10 · Kill Chain · NIST CSF · ISO 27001
// Cloud & Infrastructure
AWS Security · Azure Defender · Active Directory · IDS/IPS · Firewall Config
03.

Projects

SOC · Threat Detection
SIEM Detection Rules Lab

Built and tested custom detection rules in Splunk and Microsoft Sentinel to identify brute force, lateral movement, and privilege escalation patterns. Reduced false positive rate by tuning alerts against real log data.

Penetration Testing · Network
Internal Network Pentest Simulation

Simulated an internal network penetration test on a lab environment. Conducted enumeration, exploitation, and post-exploitation phases. Produced a full vulnerability report with remediation recommendations.

SOC · Incident Response
Phishing Incident Response Playbook

Developed an incident response playbook for phishing attacks — from alert triage to containment, eradication, and lessons learned. Includes automated response scripts and escalation paths.

Penetration Testing · Web App
Web Application Vulnerability Assessment

Performed a thorough web application assessment targeting OWASP Top 10 vulnerabilities including SQL injection, XSS, IDOR, and broken authentication. Documented findings in a professional pentest report.

Threat Intelligence · Tooling
IOC Threat Intelligence Aggregator

Python tool that aggregates threat intelligence from open-source feeds, extracts IOCs (IPs, domains, hashes), and pushes them into a SIEM for automated blocking and alerting.

SOC · Log Analysis
Active Directory Attack Detection

Created detection use cases for common AD attacks — Kerberoasting, Pass-the-Hash, and DCSync — using Windows Event Logs and SIEM correlation rules. Mapped to MITRE ATT&CK TTPs.

04.

Contact

Let's connect.

Whether you're looking for a SOC analyst, need a penetration test, or just want to talk security — I'd love to hear from you. Always open to new opportunities and collaborations.
