Joseph Montoya

Motivated and tech-savvy cybersecurity enthusiast seeking an internship opportunity to gain hands-on experience in the field of cybersecurity. Eager to contribute my knowledge of cybersecurity principles, emerging threats, and passion for protecting digital assets to support an organization's security initiatives.

- Network Security
- Ethical Hacking
- Cybersecurity Fundamentals
- Computer Forensics
- Information Assurance
-Python
-Linux Security
-Cloud Security
-Computer Networking
-Microsoft Security
-Cyber Infrastructure & Technology

Project Forensic Investigation.

• they have collected data that needs to be reviewed by your team to see who attack the machine
• we have to locate the malicious file and captured the data with pcap files provide to use and figure out what attack it was and how is stared
• Open Pcap Files using Wireshark, In the top toolbar, use Statistics and endpoint to pinpoint an IP address in this case i used the IP address with the most traffic and filter it with zeek
• Once in root, run zeek -r investigate_me.pcap to enable Zeek to parse the .pcap file into different logs, Run zeek -Cr investigate_me.pcap/home/sansforensics/Desktop/zeek/scripts/policy/frameworks/files/hash- all-files.zeek to get the hash values of the files.
• Use the command: cat files.log | zeek-cut -d ts rx_hosts mime_type filename md5 | grep application/x-dosexec to narrow down the malicious file.
• with the new information found we narrow it down more using ip.src==192.168.23.130 && DNS in Wireshark
• to Obtain user hidden data we gonna use Mimikatz to obtain the user’s password.
• Use the command privilege::debug to ensure you have high-level privileges. • Use the command token::elevate to obtain system permissions. • Use the command lsdump::sam to get a key for SAM entry decryption and dumping and decrypt the attacker hash password
• Use HxD to investigate the file we change the bytes and rename the file and reopen it we should get the attacker malicious file

Project: Penetration Tester.

• Get root permission access to Ex Employe metasploitable server
• Use John the Ripper to crack password on CrackMeIfYouCan.rar once Password discovered
• Opened file included web page files and a file named secret only i _would_know.txt
• Use https://hashes.com/en/decrypt/hash to decrypt some hashes
• Once we had the credentials to haces the encrypted file we use Nmap to detect open ports for a given IP address and use Metasploit, search for vulnerabilities
• of both specified protocols

Project: Secure Your Network, Blocking unwanted traffic.

• A primary complaint of GoodCorp's HR is that some employees spend time with apps
  they should not use.
• On my Debian VM we test that traffic is allowed.
  and Use a terminal to run pings to different LAN addresses Test ping 4.2.2.2, Test ping 8.8.8.8
• create a firewall rule blocking traffic not allowed for a
  specific destination.
  Use 8.8.8.8 as the destination to be blocked for ICMP. Another request: Set pfSense to log packets that match the rule Add a rule to the WAN interface to allow ICMP traffic. (This is to allow hping3 and
  ncrack.

Project: setting up SIEM.
• Used custom PowerShell script to extract metadata from Windows Event Viewer to be forwarded to third party API in order to derive geolocation data
• Configured Log Analytics Workspace in Azure to ingest custom logs containing geographic information (latitude, longitude, state/province, and country)
• Configured Custom Fields in Log Analytics Workspace with the intent of mapping geo data in
Azure Sentinel
• Configured Azure Sentinel (Microsoft's cloud SIEM) workbook to display global attack data (RDP
brute force) on world map according to physical location and magnitude of attacks.

Comcast Technical Services/ Billing/ Collections specialist

02/21/2016 - 02/19/2019 Comcast Las Vegas, NV

• Preparing reports of delinquent accounts for legal action such as lawsuits or referral to debt collection agencies
• Coordinating with insurance companies to ensure that claims are processed in a timely manner
• Contacting patients to confirm insurance coverage and making any necessary adjustments to accounts
• Evaluating, analyzing and monitoring the processing of invoices and on-line notes, utilizing a Windows based data processing system
• Contacting providers, physicians, and/or patients to retrieve appropriate medical documentation to substantiate services provided and engage them in assisting in collecting for the payer
• Identifying hardware and software solutions.
• Troubleshooting technical issues.
• Diagnosing and repairing faults.
• Resolving network issues.
• Installing and configuring hardware and software.
• Speaking to customers to quickly get to the root of their problem.
• Providing timely and accurate customer feedback.
• Talking customers through a series of actions to resolve a problem.

Property management At Brook Stone Apartments

05/20/2019 - 03/16/2020 Las Vegas,NV

• Filling vacancies
• Responding to tenant complaints
• Collecting rent
• Managing apartment upkeep
• Coordinating maintenance work
• Enforcing leases
• Preparing performance reports
• Hosting community events
• Conducting bank deposits
• Maintaining financial records and keeping a detailed and organized database

Sephora WDC

04/25/2020 - 09/14/2022 Las Vegas,NV

• Process, package and ship orders accurately.
• Organize stocks and maintain inventory.
• Inspect products for defects and damages.
• Examine ingoing and outgoing shipments.
• Organize warehouse space.
• Receive, unload and place incoming inventory items appropriately.
• Check, verify and fill customer invoices.

Airbnb property manager

Current Las Vegas, NV

• Market rentals to grow reservations, supplying ads with exceptional pictures and descriptions
• Maintain a calendar of reservations to prevent double-bookings and view upcoming rentals
• Clean rentals, restock necessities, and explain house rules to new guests
• Answer guest questions and meet with guests to exchange keys at the beginning of stays
• Perform routine and emergency maintenance on properties