Tesnim Hamdouni tesnim5hamdouni

Hi there, I'm Tesnim. Welcome to my Github!
Researcher, Cybersecurity Enthusiast

Azure Sentinel
- Set up a honeypot in Azure and configured Azure Sentinel workbook to display global attack data (RDP brute force attacks) on a world map.
- The logs were collected from Windows Event Viewer on the honeypot and were processed by a third-party API to extract geographic information. The data were then fed to the SIEM using a custom PowerShell script.
Active Directory Home Lab
- Set up AD on server 2019 and use a PowerShell script to provision user accounts.
DHCP spoofing attack
- Simulate a DHCP spoofing attack following 3 stages : DHCP starvation, usurpation and phishing.
TCP SYN flooding attack
- Launch a TCP SYN flooding attack on a targeted server causing a denial of service to any legitimate client trying to connect.
DNS hijacking
- The idea is to observe the traffic in the network using promiscuous mode, capture the DNS packets, parse them, build a reply and send it to the client before the authentic DNS server can.
Static malware analysis
- Analyse a windows info stealer malware using OSINT, some PE utilities on REMnux VM and a custom python script using the PEfile library. Then write yara rules to sign off the malware.