🔐 Building cool things so attackers can’t
gurvinny/README.md

Gurvin Singh

Links: LinkedIn · TryHackMe · Email

Badges: Security+ · CySA+


Certified blue-team defender. I build my own SOC, then break it, investigate it, and harden it. Every step documented.


```text
role   : SOC Analyst · Blue Team Defender
lab    : Proxmox · pfSense · Wazuh 4.14.5 · Authentik · Docker · Pterodactyl
focus  : Detection Engineering · Threat Hunting · Incident Response · CIS Hardening
certs  : Security+ Certified · CySA+ Certified · THM SOC L1 (Advanced)
audits : CIS Ubuntu 24.04 L1 · 88.9% · USG Level 2 Server · 90.8%
```

[ SIEM ] Wazuh Splunk

[ NETWORK ] Wireshark pfSense Suricata

[ SYSTEMS ] Linux Bash Python

[ INTEL ] Sigma YARA MITRE



🔬 Projects

| Repo | What |
|---|---|
| 🛡️ Security Analyst Portfolio | Sigma rules · IR playbooks · NIST writeups |
| 🔴 Wazuh SIEM Recovery | Broke → fixed → hardened · CIS 88.9% · USG L2 90.8% |
| 🏠 Home Network Lab | VLAN segmentation · IDS/IPS · log aggregation |
| 🐍 Automated Phish Extractor | Python IOC extraction in 30 seconds |
| 🎧 Slo-Fi | Browser audio engine · TypeScript · Web Audio API · client-side, zero data exfiltration |

🔴 Latest Investigation


```text
╔══════════════════════════════════════════════════════════════╗
║  INCIDENT  Wazuh SIEM Full Pipeline Failure · 2026-04-24     ║
╠══════════════════════════════════════════════════════════════╣
║  PROBLEM   0 dashboard entries · all services active         ║
║  CAUSE     Admin hash mismatch · missing OpenSearch role     ║
║            Dashboard keystore overriding yml config          ║
║  FIXED     Auth chain repaired · roles created               ║
║            Keystore updated · auditd conflicts resolved      ║
║  AUDITS    CIS Ubuntu 24.04 L1   88.9%  ✓                    ║
║            USG Level 2 Server    90.8%  ✓                    ║
╠══════════════════════════════════════════════════════════════╣
║  RESULT    CIS Score   83.0%  >>>>>>>>>>>>>>>  88.9%  ✓      ║
║                                                              ║
║  STATUS    RESOLVED    ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓          ║
╚══════════════════════════════════════════════════════════════╝
```

→ Full case study


🟢 "The attacker needs to be right once. The defender needs to be right every time."

Pinned repositories

1. security-analyst-portfolio (Public) · Hands-on SOC analyst training portfolio covering threat detection, incident response, log analysis, and blue team lab investigations. · 1 star
2. home-network-lab (Public) · Enterprise-style home lab implementing VLAN segmentation, firewall isolation, and secure network architecture using pfSense.
3. Automated-Phish-Extractor (Public) · An automated triage tool for SOC analysts. Parses raw .eml files, extracts and defangs IOCs, analyzes SPF/DMARC headers, and generates standardized threat reports. · Python · 2 stars · 3 forks
4. grv-flipper-lab (Public) · Embedded systems, automation & security research using Flipper Zero. IR, RF, GPIO, NFC & protocol analysis. · 2 stars
5. Slo-Fi (Public) · Slo-Fi turns your browser into a late-night studio. Experience your favorite tracks in a new dimension with professional-grade slowing and deep, ethereal reverb. No downloads, no lag, just pure atmo… · TypeScript
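The Automated Phish Extractor entry in the Projects table and its pinned description above outline the same pipeline: parse a raw .eml, pull out IOCs, defang them, and read the SPF/DMARC verdicts. The block below is an added example written for this page to show what that triage looks like end to end; it is not code from the Automated-Phish-Extractor repository. It uses only the Python standard library, the sample message is constructed (RFC 5737 documentation addresses and `.example` domains), and the `triage`, `defang` and `auth_results` names are this example's own.

```python
"""Added example: minimal .eml triage with IOC extraction and defanging.

Illustrative code for this page, not the Automated-Phish-Extractor
project's own implementation. Standard library only.
"""
import json
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample message for demonstration; not a real phish.
SAMPLE_EML = """\
Return-Path: <billing@secure-invoice-portal.example>
Received: from mail.attacker.example (mail.attacker.example [203.0.113.45])
  by mx.victim.example with ESMTPS id abc123
Authentication-Results: mx.victim.example;
  spf=fail (sender IP is 203.0.113.45) smtp.mailfrom=secure-invoice-portal.example;
  dmarc=fail (p=reject) header.from=bank.example
From: "Bank Support" <support@bank.example>
To: user@victim.example
Subject: Urgent: verify your account
Content-Type: text/plain; charset="utf-8"

Please verify at http://login.secure-invoice-portal.example/verify?id=42
or use the backup host http://198.51.100.7/login.php within 24 hours.
"""

URL_RE = re.compile(r"""https?://[^\s<>"']+""")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def defang(ioc: str) -> str:
    """Make an IOC safe to paste into a ticket: http -> hxxp, '.' -> '[.]'."""
    ioc = re.sub(r"^http", "hxxp", ioc, flags=re.IGNORECASE)
    return ioc.replace(".", "[.]")


def domain_of(header_value: str) -> str:
    """Domain part of the address in a From/Return-Path header, lower-cased."""
    _, addr = parseaddr(str(header_value))
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def auth_results(msg) -> dict:
    """Collect spf=/dkim=/dmarc= verdicts from Authentication-Results."""
    header = str(msg.get("Authentication-Results", ""))
    return {
        m.group(1).lower(): m.group(2).lower()
        for m in re.finditer(r"\b(spf|dkim|dmarc)=(\w+)", header, re.IGNORECASE)
    }


def triage(raw: str) -> dict:
    """Parse a raw RFC 5322 message and return a defanged triage report."""
    msg = message_from_string(raw, policy=policy.default)
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part is not None else ""
    received = " ".join(str(h) for h in msg.get_all("Received", []))

    urls = sorted(set(URL_RE.findall(body)))
    # IPs can appear in the body (links) and in the Received chain (relays).
    ips = sorted(set(IPV4_RE.findall(body + " " + received)))
    from_domain = domain_of(msg.get("From", ""))
    return_path_domain = domain_of(msg.get("Return-Path", ""))
    auth = auth_results(msg)

    # Envelope/header sender mismatch plus a failed SPF or DMARC check is the
    # classic spoofing signature; anything else is left for the analyst.
    mismatch = from_domain != return_path_domain
    failed_auth = auth.get("spf") == "fail" or auth.get("dmarc") == "fail"
    return {
        "subject": str(msg.get("Subject", "")),
        "from_domain": from_domain,
        "return_path_domain": return_path_domain,
        "header_mismatch": mismatch,
        "auth": auth,
        "urls": [defang(u) for u in urls],
        "ips": [defang(i) for i in ips],
        "verdict": "suspicious" if (mismatch or failed_auth) else "unknown",
    }


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_EML), indent=2))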