Kevin Hamzaj

I am a Cybersecurity Professional with a Masters Degree in Cybersecurity and Data Privacy. I am always improving and building my skills through hands on labs and projects set to challenge my skills

Ethical Hacking Capstone Projects and Coursework
Tools: Kali Linux, Wireshark, Metasploit, Nmap, Nessus, Burp Suite, Hydra, Cain & Abel, John the Ripper, Mimikatz

• Conducted network traffic analysis and ARP spoofing using Wireshark and Kali Linux to intercept FTP credentials and transferred files.
• Cracked Windows LM/NTLM hashes with Cain and brute-force attacks; cracked Linux shadow passwords using John the Ripper.
• Performed vulnerability scanning and enumeration using Nessus, OpenVAS, and Nmap NSE scripts to identify CVEs such as CVE-2006-3439 and CVE-2008-4250.
• Exploited real-world vulnerabilities via Metasploit modules (e.g., vsftpd backdoor) and confirmed root-level access through shell commands.
• Detected and exploited web application vulnerabilities (XSS, SQLi, RFI, Path Traversal) in DVWA and PentesterLab environments using Burp Suite and OWASP ZAP.
• Documented exploitation steps, technical findings, and security best practices in lab reports and post-engagement debriefs.

Home Soc Honeypot Lab in Azure

• Gained hands-on experience in network monitoring, log correlation, and threat intelligence analysis, simulating real SOC workflows.
• The lab provided a practical foundation in intrusion detection, alert triage, and cyber threat hunting in a low-cost, self-managed environment.
• Created a VM and a VN in Azure and configured Log Analytics Workspace, forwarded logs and integrating with Sentinel
• Querying failed login attempts and visualizing attack sources, built an attack map to track real time hacker activity

Azure Active Directory project

• Completed a hands-on project on Secure Access with Azure Active Directory through Coursera, focusing on implementing secure identity and access management in a cloud environment
• Gained practical experience configuring Azure AD, including user and group management, Single Sign-On setup, and Multi-Factor Authentication enforcement.
• Applied Conditional Access policies to manage access based on risk levels, device compliance, and user roles. Developed foundational skills in securing cloud-based applications and aligning with zero-trust security principles.

Phishing Simulation

• Completed a phishing simulation where I served as an analyst on Mastercard’s Security Awareness Team
• Helped identify and report security threats such as phishing
• Analyzed and identified which areas of the business needed more robust security training and implemented training courses and procedures for those teams

Cybersecurity Job Simulation

• Completed a job simulation involving the role of a cybersecurity generalist, specializing in fraud detection and prevention for Commonwealth Bank's Cybersecurity team.
• Developed skills in building data visualization dashboards using Splunk to uncover patterns and insights in historical customer data, aiding in fraud detection.
• Demonstrated the ability to respond effectively to cybersecurity incidents, including notifying relevant teams, collecting information, containing and stopping attacks, and aiding in recovery efforts.
• Enhanced security awareness expertise by designing infographics promoting best practices for secure password management, following Australian Cybersecurity Centre advice.
• Acquired practical experience in penetration testing, assessing the security of web applications, identifying vulnerabilities, and providing recommendations for remediation to bolster cybersecurity defenses.

AWS Networking Basics

• Created and hosted a static website on Amazon S3, configuring bucket policies and permissions for secure public access.
• Visualized data using Amazon QuickSight, building interactive dashboards to transform raw data into actionable insights.
• Implemented cloud security best practices using AWS IAM, managing users, roles, and policies to enforce least-privilege access and protect AWS resources.
• This project strengthened my skills in cloud storage, data analytics, and security, while providing a practical understanding of AWS architecture and governance.

Chronicle SIEM – Introduction & Single Event Rules

• Gained hands-on experience with Chronicle Security Information and Event Management (SIEM) platform, part of Google Cloud.
• Configured and utilized Chronicle to ingest and normalize log data from various sources.
• Developed and tested Single Event Rules using YARA-L for threat detection and security alerting.
• Analyzed security logs and investigated potential threats using Chronicle’s built-in tools and dashboards.
• Demonstrated foundational knowledge in SIEM architecture, rule writing, and log correlation to enhance security operations.