Featured Projects
Active Directory Attack Simulation & Hardening
Category: security
Emulated post-exploitation techniques in a Windows AD lab using Atomic Red Team, Mimikatz, and PowerShell. Integrated Wazuh SIEM to detect 20+ MITRE-mapped TTPs and performed CIS-based hardening, achieving 80% compliance improvement.
ThreatHawk SIEM Deployment & Custom Detection Engineering
Category: security
Deployed ThreatHawk and Wazuh SIEM across multi-vendor enterprise environments. Built 30+ custom detection rules and log parsers for Huawei routers, WatchGuard firewalls, TrendMicro EDR, CrowdStrike, and spyware/grayware events. Reduced false positives by 45% through systematic rule tuning.
GCC Compliance Mapping Automation
Category: security
Built a compliance mapping framework with Python scripts that cross-reference ISO 27001 controls against NCA ECC, SAMA CSF, ADHICS, PDPL, UAE IA, and Bahrain NCSC. Scripts auto-detect existing ISO controls in rules and append matched regional framework controls from a master spreadsheet, cutting manual mapping effort by 60%.
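The mapping step described above (detect ISO 27001 control IDs in a rule, look them up in a spreadsheet crosswalk, append the matching regional controls), shown as an added example; this is not the project's own code. The CSV "master spreadsheet" and the control IDs in it are constructed placeholders for illustration, not an authoritative ISO-to-regional crosswalk, and the rule text is a made-up sample. It also handles the two edge cases a practitioner hits first: ISO controls the spreadsheet does not know (reported for manual mapping rather than silently dropped) and rules that already carry a mapping line (left unchanged so re-running the script does not duplicate entries).

```python
import csv
import io
import re

# Constructed sample of a "master spreadsheet" export. The ISO and regional
# control IDs below are illustrative placeholders, not a real crosswalk.
MASTER_CSV = """iso_control,framework,control_id
A.9.4.2,NCA ECC,2-2-1
A.9.4.2,SAMA CSF,3.3.5
A.12.4.1,NCA ECC,2-12-1
A.12.4.1,SAMA CSF,3.3.14
A.12.4.1,UAE IA,T5.2.1
A.16.1.5,NCA ECC,2-13-1
"""

# Matches ISO 27001:2013 Annex A style identifiers such as A.12.4.1.
ISO_CONTROL_RE = re.compile(r"\bA\.\d{1,2}\.\d{1,2}\.\d{1,2}\b")
MAPPED_PREFIX = "Mapped regional controls:"


def load_crosswalk(csv_text):
    """Build {iso_control: {framework: [control_id, ...]}} from the spreadsheet export."""
    crosswalk = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        per_framework = crosswalk.setdefault(row["iso_control"].strip(), {})
        ids = per_framework.setdefault(row["framework"].strip(), [])
        control_id = row["control_id"].strip()
        if control_id not in ids:
            ids.append(control_id)
    return crosswalk


def extract_iso_controls(rule_text):
    """Return the distinct ISO control IDs referenced in a rule, in numeric order."""
    found = set(ISO_CONTROL_RE.findall(rule_text))
    return sorted(found, key=lambda c: tuple(int(n) for n in c[2:].split(".")))


def map_rule(rule_text, crosswalk):
    """Resolve a rule's ISO controls to regional controls; report what could not be mapped."""
    regional = {}
    unmapped = []
    for iso in extract_iso_controls(rule_text):
        entry = crosswalk.get(iso)
        if entry is None:
            unmapped.append(iso)  # left for a human to map, not silently dropped
            continue
        for framework, ids in entry.items():
            bucket = regional.setdefault(framework, [])
            bucket.extend(i for i in ids if i not in bucket)
    return {"regional": regional, "unmapped": unmapped}


def append_regional_controls(rule_text, crosswalk):
    """Append one mapping line to the rule text.

    Idempotent: a rule that already carries a mapping line, or that references
    no mappable ISO control, is returned unchanged.
    """
    if MAPPED_PREFIX in rule_text:
        return rule_text
    result = map_rule(rule_text, crosswalk)
    if not result["regional"]:
        return rule_text
    parts = [f"{fw} {', '.join(ids)}" for fw, ids in sorted(result["regional"].items())]
    return rule_text.rstrip("\n") + f"\n{MAPPED_PREFIX} " + "; ".join(parts) + "\n"


# Constructed rule description referencing three ISO controls, one of which
# (A.18.1.3) is deliberately absent from the sample crosswalk.
SAMPLE_RULE = (
    "Rule 100200: multiple failed SSH logins from one source.\n"
    "Compliance: ISO 27001 A.9.4.2, A.12.4.1, A.18.1.3\n"
)

if __name__ == "__main__":
    crosswalk = load_crosswalk(MASTER_CSV)
    print(append_regional_controls(SAMPLE_RULE, crosswalk))
    print("Needs manual mapping:", map_rule(SAMPLE_RULE, crosswalk)["unmapped"])
```

Running the block prints the sample rule with the line `Mapped regional controls: NCA ECC 2-2-1, 2-12-1; SAMA CSF 3.3.5, 3.3.14; UAE IA T5.2.1` appended, and lists `A.18.1.3` as needing manual mapping. Pointing `load_crosswalk` at a real spreadsheet export and iterating over rule files is the only change needed to apply it in bulk.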
NoxShield SIEM
Category: security
Full-featured security operations dashboard with live Wazuh API integration, geolocation attack maps, MITRE ATT&CK visualization, and compliance tracking (PCI-DSS, HIPAA, NIST). Backed by SQLite with auto-refreshing data pipelines.
Multi-Sensor Intrusion Detection IoT
Category: development
IoT security solution using ESP32, motion/gas/fire sensors, and ESP32-CAM. Engineered a Flutter + Firebase mobile app for real-time alerts, improving response time by 60%.