
Rodgers Rono

Cybersecurity enthusiast focused on Blue Team security, network traffic analysis, and incident investigation.

I build hands-on cybersecurity labs to practice real SOC analyst workflows.


Cybersecurity Skills

  • Windows Security Auditing
  • Network Traffic Analysis
  • Packet Investigation
  • Incident Response
  • Threat Detection
  • Security Documentation

Tools

  • Wireshark
  • Nmap
  • PowerShell
  • Windows Event Logs
  • Git
  • VirtualBox

Cybersecurity Projects

Home SOC Lab

Simulated SOC environment demonstrating detection of:

  • authentication attacks
  • network port scans
  • DNS traffic investigation

Repository:

https://github.com/Ronoh12/home-soc-lab


Windows Security Audit

Windows host investigation using PowerShell and security logs.

Repository:

https://github.com/Ronoh12/windows-security-audit


Wireshark Network Investigation

Packet analysis and protocol investigation using Wireshark.

Repository:

https://github.com/Ronoh12/wireshark-network-investigation


Malicious Traffic Analysis

Network traffic investigation project identifying suspicious activity.

Repository:

https://github.com/Ronoh12/malicious-traffic-analysis


SOC Incident Response Playbooks

Security response procedures used by SOC teams.

Repository:

https://github.com/Ronoh12/soc-incident-response-playbook


Current Learning

  • Threat hunting
  • Network traffic analysis
  • SOC investigation techniques
  • Incident response workflows

Popular repositories

  1. system-security-baseline (Public)

    A Bash-based Linux security auditing script that collects system information and evaluates core security controls, applying LOW/MEDIUM/HIGH risk labels to findings such as SSH configuration, firewa…

    Shell

  2. auth-log-analyzer (Public)

    A Python Blue Team tool that analyzes Linux authentication logs to detect suspicious login activity and potential brute-force attempts, producing risk-scored summaries and structured JSON reports.

    Python

  3. nmap-xml-risk-report (Public)

    A Python tool that parses Nmap XML scan results and generates risk-scored Markdown and JSON reports, including high-risk port summaries and an automated clean vs risky network comparison.

    Python

  4. security-event-correlator (Public)

    Correlates Linux authentication and firewall logs into incident-style findings with risk scoring, supporting SOC-style analysis and Blue Team investigations.

    Python

  5. linux-hardening-validator (Public)

    Validates Linux hardening controls using CIS, ISO/IEC 27001, and NIST CSF mappings with risk-based assessment and management-focused reporting.

    Python

  6. it-risk-register-generator (Public)

    Generates a management-ready IT risk register using impact–likelihood scoring, risk ownership, and treatment decisions to support security governance and GRC activities.

    Python