Work

Projects

Projects from my GitHub; hands-on experience across cloud, cybersecurity, and networks.

Complete
Sep 2025

Deploying a Honeypot with T-Pot on AWS

This project documents the deployment of a T-Pot honeypot on an AWS EC2 instance. The goal was to capture malicious traffic and analyse attack patterns targeting cloud infrastructure.

AWS EC2 T-Pot Honeypot Cybersecurity Linux
Complete
Aug 2025

Pi-hole with Docker on Raspberry Pi

Deploying Pi-hole as a network-wide ad blocker using Docker on a Raspberry Pi. Configured as a DNS sinkhole to block ads and trackers across all devices on the local network.

Raspberry Pi Docker Pi-hole DNS Networking Linux

Planned

IAM Security Audit

Configuring an AWS account with intentionally misconfigured IAM policies, then identifying and remediating each issue. Documenting overly permissive roles, missing MFA, unused credentials, and the fixes applied.

AWS IAM Security Audit Cloud Security
Planned

AWS Security Alerts

An AWS security alert pipeline using GuardDuty, a CloudWatch rule, and an SNS topic to deliver notifications by email and phone, verified with GuardDuty sample alerts.

AWS GuardDuty CloudWatch SNS Security
Planned

SIEM Lab with Wazuh

Deploying Wazuh as an open-source SIEM in a virtual lab environment to collect and analyse logs. Building detection rules, creating dashboards, and documenting findings from simulated network traffic.

Wazuh SIEM Log Analysis Security Monitoring Linux
Planned

Packet Capture & Protocol Analysis Lab

Capturing and dissecting real attack tool traffic — nmap scans, exploitation attempts — using Wireshark and tshark, with a written protocol-level breakdown of each technique.

Wireshark tshark nmap Packet Analysis
Planned

Prompt Injection Testing Lab

Building a deliberately vulnerable LLM application and systematically testing direct injection, indirect injection, and jailbreak techniques against it — measuring attack success rates and evaluating mitigations.

Ollama LLM Security Prompt Injection Python
Planned

Juiceshop

Practising web application security using OWASP Juice Shop — identifying and exploiting common vulnerabilities such as SQL injection, XSS, and broken authentication.

OWASP Web Security Pentesting Vulnerability
Planned

Metasploitable

Penetration testing practice against Metasploitable — a deliberately vulnerable Linux VM. Using Metasploit Framework to discover, exploit, and document vulnerabilities.

Metasploit Pentesting Vulnerability Linux
Planned

LLM Log Analyser

Using the Claude API and AWS Bedrock to automatically triage and summarise T-Pot honeypot attack logs — identifying attack patterns, top threat actors, and anomalies via a Lambda pipeline.

Claude API AWS Bedrock Lambda Log Analysis Threat Intelligence
Planned

Terraform

Infrastructure as code using Terraform to provision and manage cloud resources on AWS. Automating repeatable deployments and environment configurations.

Terraform IaC AWS Automation
Planned

Malware Analysis Sandbox

Building an isolated sandbox environment to safely detonate and analyse malware samples. Capturing behavioural indicators, network traffic, and system changes.

Malware Sandboxing Security Analysis

See all my repositories on GitHub

Visit github.com/ealdr →
