Target Breach

What it is:
A case study analysis of the Target Corporation 2013 data breach, examining how attackers exploited third-party access, weak network segmentation, and inadequate incident response to compromise millions of customer records.

What I did:
Analyzed how attackers gained access through a third-party vendor (HVAC contractor), moved laterally within the network, and deployed point-of-sale malware (BlackPOS) to extract sensitive financial data. Evaluated the organization’s security failures, including lack of network segmentation and failure to act on security alerts, and proposed mitigation strategies such as improved monitoring, segmentation, and security awareness training.

What I learned:
Learned how real-world breaches often result from a combination of technical vulnerabilities and organizational failures. Gained insight into supply chain risks, the importance of network segmentation, and the critical role of timely incident response. Also learned how malware operates within systems to capture sensitive data and how early detection is ineffective without proper action.

CYSE-300-Research-Paper-1

Change Healthcare

What it is:
A detailed case study analyzing the 2024 ransomware attack on Change Healthcare, one of the largest healthcare data breaches in U.S. history, focusing on attack methods, impact, and cybersecurity implications.

What I did:
Analyzed how the BlackCat ransomware group gained access through stolen credentials and lack of multi-factor authentication, moved laterally within the network, and executed a double extortion attack. Evaluated the widespread operational, financial, and patient-care impacts, and examined systemic risks such as centralized infrastructure and weak monitoring systems. Proposed mitigation strategies including MFA, network segmentation, continuous monitoring, and compliance with updated HIPAA Security Rule standards.

What I learned:
Learned how a single vulnerability can lead to large-scale national disruption, especially in critical sectors like healthcare. Gained insight into ransomware tactics such as lateral movement and data exfiltration, as well as the importance of foundational security controls like MFA. Also developed an understanding of how cybersecurity failures can directly impact patient care, financial stability, and public trust.

CS-462-Course-Project

Network Traffic Analysis and Packet Sniffing Lab (Wireshark)

What it is:
A hands-on network analysis lab focused on monitoring, capturing, and analyzing network traffic using Wireshark within a virtualized environment to understand communication patterns and security risks.

What I did:
Captured and analyzed network traffic between virtual machines using Wireshark, including ICMP and DNS communications. Configured port mirroring to intercept LAN traffic and acted as an attacker to sniff communications between systems. Identified packet details such as IP addresses, ports, and protocols, and extracted sensitive information (FTP credentials) from unencrypted traffic to demonstrate real-world vulnerabilities.

What I learned:
Learned how network traffic can be monitored and analyzed to identify communication patterns and potential security risks. Gained insight into how unencrypted protocols like FTP expose sensitive data, reinforcing the importance of secure alternatives. Also developed skills in using filters, analyzing packet structures, and understanding how attackers can intercept data within a network.

CYSE301-ASSIGNMENT-2

Windows Pentest

What it is:
A hands-on penetration testing lab focused on identifying and exploiting Windows vulnerabilities using industry tools, followed by post-exploitation and privilege escalation techniques in a controlled virtual environment.

What I did:
Performed network reconnaissance using Nmap to identify open ports and SMB vulnerabilities. Exploited the MS08-067 vulnerability on Windows XP using Metasploit Framework and established a Meterpreter session. Tested EternalBlue (MS17-010) against modern systems, generated and delivered custom payloads to a Windows 7 machine, and conducted post-exploitation tasks including system enumeration, file manipulation, privilege escalation, and creating administrative backdoor accounts.

What I learned:
Learned how attackers identify and exploit vulnerabilities in outdated systems and why legacy systems pose significant risks. Gained experience in the full attack lifecycle: reconnaissance, exploitation, persistence, and post-exploitation. Also learned why modern systems (e.g., Windows Server 2022) are more resistant to older exploits due to updated security controls and patches.

CYSE301-ASSIGNMENT-4

Secure Budget Manager

What I Built:

  • A client-server application using sockets
  • User login and account creation system
  • Password hashing using SHA-256
  • Basic encryption/decryption for data transmission
  • Budget tracking system with stored user data

Key Skills Demonstrated:

  • Secure authentication implementation
  • Client-server communication (sockets)
  • Data encryption and protection
  • File handling and persistence (JSON)
  • Python programming for security-focused applications

What I Learned:

  • Importance of hashing passwords instead of storing plaintext
  • How client-server systems communicate securely
  • Challenges of handling authentication and user data
  • Basics of securing data in transit and at rest


server.py

import socket
import json
import hashlib
import os

# Encryption/Decryption functions
# (single-byte XOR; applying it a second time with the same key restores the input)
def encrypt(data, key=5):
    return "".join(chr(ord(c) ^ key) for c in data)

def decrypt(data, key=5):
    return encrypt(data, key)

# Load users from file
def load_users():
    try:
        with open("users.json", "r") as f:
            return json.load(f)
    except FileNotFoundError:
        return {}

# Save users to file
def save_users(users):
    with open("users.json", "w") as f:
        json.dump(users, f)

# Hash password (unsalted SHA-256 hex digest)
def hash_password(password):
    return hashlib.sha256(password.encode()).hexdigest()

# Authenticate user login: the client sends the hash and the server
# compares it with the stored hash for that username
def authenticate(username, password_hash, users):
    if username in users:
        return users[username]["password"] == password_hash
    return False

# Create account
def create_account(username, password_hash, users):
    users[username] = {"password": password_hash}
    save_users(users)
    return True

# Calculate recommended 50/30/20 budget
def calculate_budget(income):
    return {
        "needs": round(income * 0.50, 2),
        "wants": round(income * 0.30, 2),
        "savings": round(income * 0.20, 2)
    }

# Compare actual vs recommended expenses
def analyze_expenses(recommended, actual):
    analysis = {}
    if actual["needs"] > recommended["needs"]:
        analysis["needs_status"] = f"Over budget by ${round(actual['needs'] - recommended['needs'], 2)}"
    else:
        analysis["needs_status"] = "Within recommended budget"
    if actual["wants"] > recommended["wants"]:
        analysis["wants_status"] = f"Over budget by ${round(actual['wants'] - recommended['wants'], 2)}"
    else:
        analysis["wants_status"] = "Within recommended budget"
    if actual["savings"] < recommended["savings"]:
        analysis["savings_status"] = f"Below recommended savings by ${round(recommended['savings'] - actual['savings'], 2)}"
    else:
        analysis["savings_status"] = "Meeting or exceeding savings goal"
    return analysis

# Append this session's budget and analysis to the user's history file
# (the file name is built from the username exactly as the client sent it)
def save_budget_to_file(username, income, budget, actual, analysis):
    filename = f"{username}_budget_history.json"
    # Load existing history or create new
    if os.path.exists(filename):
        with open(filename, "r") as f:
            history = json.load(f)
    else:
        history = []
    entry = {
        "income": income,
        "recommended_budget": budget,
        "actual_expenses": actual,
        "analysis": analysis
    }
    history.append(entry)
    with open(filename, "w") as f:
        json.dump(history, f, indent=4)

# Main server function: handles one client at a time, one budget session per connection
def start_server(host="127.0.0.1", port=12345):
    users = load_users()
    server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server_socket.bind((host, port))
    server_socket.listen()
    print(f"Server running on {host}:{port}...")
    while True:
        conn, addr = server_socket.accept()
        print(f"Connected to {addr}")
        try:
            # First message is "username,password_hash,action"
            login_data = decrypt(conn.recv(1024).decode())
            username, password_hash, action = login_data.split(",")
            if action == "login":
                if authenticate(username, password_hash, users):
                    conn.send(encrypt("SUCCESS").encode())
                else:
                    conn.send(encrypt("FAIL").encode())
                    conn.close()
                    continue
            elif action == "create":
                if username in users:
                    conn.send(encrypt("EXISTS").encode())
                    conn.close()
                    continue
                else:
                    create_account(username, password_hash, users)
                    conn.send(encrypt("CREATED").encode())
            # Second message: monthly income; reply with the 50/30/20 split
            encrypted_income = conn.recv(1024).decode()
            income = float(decrypt(encrypted_income))
            budget = calculate_budget(income)
            conn.send(encrypt(json.dumps(budget)).encode())
            # Third message: actual expenses as JSON; reply with the analysis
            expenses_encrypted = conn.recv(1024).decode()
            actual_expenses = json.loads(decrypt(expenses_encrypted))
            analysis = analyze_expenses(budget, actual_expenses)

            save_budget_to_file(username, income, budget, actual_expenses, analysis)
            conn.send(encrypt(json.dumps(analysis)).encode())
        except Exception as e:
            print("Error:", e)
        finally:
            conn.close()
            print(f"Disconnected from {addr}")

if __name__ == "__main__":
    start_server()
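The server above stores an unsalted SHA-256 digest and compares it with == against a digest the client computed, so two users with the same password get the same stored value and a copy of users.json is directly usable for login. The following is an added example, not the project's code, of how hash_password() and authenticate() could be replaced with salted, iterated PBKDF2-HMAC-SHA256 from the standard library and a constant-time comparison. The iteration count, salt length, record layout and the sample user are assumptions; the design assumes the client sends the plaintext password over a protected channel (for example TLS) and the server does the hashing.

```python
import hashlib
import hmac
import os

# Added example (not the project's code): salted, iterated password storage that
# could replace hash_password()/authenticate() in server.py. Iteration count and
# salt length are assumptions; tune the count to your own hardware.
ITERATIONS = 200_000
SALT_BYTES = 16

def make_password_record(password: str) -> dict:
    """Derive a key from the password with a fresh random salt.
    The returned dict is what users.json would store for one user."""
    salt = os.urandom(SALT_BYTES)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt.hex(), "hash": key.hex(), "iterations": ITERATIONS}

def verify_password(password: str, record: dict) -> bool:
    """Re-derive with the stored salt and iteration count, then compare in
    constant time so the comparison does not leak how many bytes matched."""
    salt = bytes.fromhex(record["salt"])
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, record["iterations"])
    return hmac.compare_digest(key, bytes.fromhex(record["hash"]))

# Throwaway record so that an unknown username costs the same time as a known one
_DUMMY_RECORD = make_password_record(os.urandom(16).hex())

def authenticate(username: str, password: str, users: dict) -> bool:
    """Server-side check on the plaintext password received from the client.
    Because the server hashes, a leaked users.json no longer contains the
    value the client would need to send to log in."""
    record = users.get(username)
    if record is None:
        verify_password(password, _DUMMY_RECORD)
        return False
    return verify_password(password, record)

# Constructed sample user store (what load_users() would return)
USERS = {"alice": make_password_record("correct horse battery staple")}

if __name__ == "__main__":
    print(authenticate("alice", "correct horse battery staple", USERS))  # True
    print(authenticate("alice", "wrong password", USERS))                # False
    print(authenticate("mallory", "anything", USERS))                    # False
```

Storing the iteration count inside each record lets you raise ITERATIONS later and re-hash a user's password on their next successful login without invalidating existing accounts.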


client.py

import socket
import json

SHIFT = 4  # Caesar-style shift applied to every character before it is sent

def encrypt(text):
    return "".join(chr((ord(c) + SHIFT) % 256) for c in text)

def decrypt(text):
    return "".join(chr((ord(c) - SHIFT) % 256) for c in text)

# Send one JSON request and return the server's decoded JSON reply
def send_request(sock, data):
    encrypted = encrypt(json.dumps(data))
    sock.send(encrypted.encode())
    response = decrypt(sock.recv(4096).decode())
    return json.loads(response)

# -----------------------------
# MAIN CLIENT
# -----------------------------
def main():
    # Expects a server on 127.0.0.1:5000 that answers each JSON request
    # with a JSON object carrying "status" and "msg" fields
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.connect(("127.0.0.1", 5000))
    print("\n--- Welcome to the Budget Tracker ---")
    print("1. Login")
    print("2. Create Account")
    choice = input("Choose: ")
    username = input("Username: ")
    password = input("Password: ")
    if choice == "1":
        res = send_request(sock, {"action": "login", "username": username, "password": password})
    else:
        res = send_request(sock, {"action": "register", "username": username, "password": password})
    if res["status"] != "ok":
        print(res["msg"])
        return
    print("\nLogged in successfully!\n")
    while True:
        print("\n--- Menu ---")
        print("1. Add Expense")
        print("2. View Expense History")
        print("3. Calculate 50/30/20 Budget")
        print("4. Exit")
        option = input("Choose: ")
        if option == "1":
            item = input("Expense name: ")
            amount = float(input("Amount: "))
            res = send_request(sock, {"action": "add_expense", "username": username, "item": item, "amount": amount})
            print(res["msg"])
        elif option == "2":
            res = send_request(sock, {"action": "get_history", "username": username})
            print("\n--- Expense History ---")
            for e in res["history"]:
                print(f"{e['item']}: ${e['amount']}")
        elif option == "3":
            income = float(input("Monthly income: $"))
            res = send_request(sock, {"action": "budget", "username": username, "income": income})
            print("\n--- 50/30/20 Breakdown ---")
            print(f"Needs:   ${res['needs']:.2f}")
            print(f"Wants:   ${res['wants']:.2f}")
            print(f"Savings: ${res['savings']:.2f}")
        elif option == "4":
            print("Goodbye!")
            sock.close()
            break
        else:
            print("Invalid choice.")

if __name__ == "__main__":
    main()

Milestone-1

Password Cracking

What it is:
A hands-on Linux lab focused on password security, where multiple user accounts were created with varying password complexities and tested using password cracking techniques.

What I did:
Created six Linux user accounts with different password strengths ranging from simple dictionary words to complex combinations of uppercase, lowercase, numbers, and symbols. Extracted password hashes and used the tool John the Ripper in wordlist mode with rockyou.txt to simulate real-world password attacks and evaluate how quickly each password could be cracked.

What I learned:
Learned how weak passwords can be easily compromised using common wordlists and brute-force techniques. Gained practical experience with Linux user management, password hashing, and offensive security tools. Also developed a deeper understanding of why strong password policies and complexity requirements are critical for system security.

annotated-Assignment-5-CYSE270

Risk Management Plan

What it is:
An interdisciplinary research paper analyzing the key factors that influence cybersecurity auditors when developing risk management plans, incorporating perspectives from cybersecurity, psychology, and law.

What I did:
Conducted research across multiple disciplines to evaluate how technical vulnerabilities, human behavior, and legal requirements impact risk management planning. Analyzed concepts such as penetration testing, user behavior, and regulatory frameworks like GDPR, and explored how these factors interact to shape effective security strategies.

What I learned:
Learned that effective risk management requires more than technical controls; it must also account for human error and legal compliance. Gained insight into how cybersecurity, psychology, and law intersect, and how combining these perspectives leads to stronger, more comprehensive security plans. Also explored the balance between technical defenses and user-focused security approaches.

Research-Final-Draft-1-1

Security Policy Design

What it is:
A research-based security policy paper developed for a corporate environment with on-premises web, application, and database servers handling sensitive data. The paper follows APA formatting and incorporates scholarly sources to support security policy decisions.

What I did:
Designed a comprehensive security policy addressing five critical areas: information classification, security awareness training, access control, encryption, and security incident management. Conducted research using academic and industry sources to justify each policy component and align it with real-world enterprise security practices.

What I learned:
Learned how to translate cybersecurity concepts into formal policy language used in real organizations. Gained a deeper understanding of how human factors, access control mechanisms, and encryption strategies work together to reduce risk. Also developed experience applying research to practical security solutions.

CYSE-300-RESEARCH-2.docx_safe

Patch Management in Windows Environments

What it is:
A research paper focused on the role of patch management in securing Windows enterprise systems, highlighting vulnerabilities, real-world cyberattacks, and security frameworks.

What I did:
Analyzed how patch management protects against common Windows vulnerabilities such as remote code execution and privilege escalation. Evaluated real-world incidents like WannaCry and PrintNightmare, and examined frameworks like NIST SP 800-40 and Zero Trust. Also explored tools such as WSUS, SCCM, and Microsoft Intune for managing updates.

What I learned:
Learned that most cyberattacks exploit already known vulnerabilities that were not patched in time. Gained understanding of how structured patching processes, automation, and risk prioritization significantly reduce exposure to threats. Also learned the importance of balancing system stability with security.

Role-of-Patch-Management-in-Securing-Windows-Environments

Assignment 11 – Basic Network Configuration

Task A – Explore Network Configurations (8 * 5 = 40 Points)
Connect your VM in NAT mode.

  1. Use the correct ifconfig command to display the current network configuration. Highlight your IP
     address, MAC address, and the network mask.
  2. Use the correct route command to display the current routing table.
  3. Use the netstat command to list current TCP connections.
  4. Use the ping command to determine if the ubuntu.com system is accessible via the network.
     (Use the correct option to send 10 ping requests only.)
  5. Use the host command to perform a DNS query on www.odu.edu.
  6. Use the cat command to display the contents of the file that contains the system's hostname.
  7. Use the cat command to display the contents of the file that contains the DNS servers for this
     system.
  8. Edit the same file you displayed in the previous step and set the system's hostname to your MIDAS ID
     permanently. Reboot the system and repeat step 6.

Task B – A Different Network Setting (3 * 20 = 60 Points)

  9. Change the VM network connection from NAT to bridged mode (you will lose your Internet
     connection if you are connected to the ODU campus Wi-Fi network, but that is okay).
  10. Reboot your system, then repeat Steps 1 – 7 in Task A.
  11. Highlight the differences at the end of each step and discuss what you find.
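As an added example (not part of the assignment or its solution), the following Python script does the bookkeeping for steps 1 and 11: it parses net-tools ifconfig output, pulls out the IP address, MAC address and netmask for each interface, converts the netmask to a prefix length, and diffs a NAT-mode capture against a bridged-mode capture so the changed fields stand out. Both captures are constructed sample output, not real captures (10.0.2.15 is the address VirtualBox's NAT hands out by default; the interface name enp0s3, the bridged address and the MAC are made up).

```python
import re

# Constructed sample `ifconfig` output for the VM in NAT mode (not a real capture)
NAT_IFCONFIG = """\
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255
        inet6 fe80::a00:27ff:fe4e:66a1  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:4e:66:a1  txqueuelen 1000  (Ethernet)
        RX packets 1532  bytes 1712450 (1.7 MB)
        TX packets 901  bytes 84210 (84.2 KB)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 120  bytes 9600 (9.6 KB)
        TX packets 120  bytes 9600 (9.6 KB)
"""

# Constructed sample for the same VM after switching to bridged mode
BRIDGED_IFCONFIG = """\
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.57  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::a00:27ff:fe4e:66a1  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:4e:66:a1  txqueuelen 1000  (Ethernet)
        RX packets 88  bytes 12034 (12.0 KB)
        TX packets 64  bytes 7120 (7.1 KB)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 12  bytes 960 (960.0 B)
        TX packets 12  bytes 960 (960.0 B)
"""

IFACE_RE = re.compile(r"^([^\s:]+):\s+flags=")                      # "enp0s3: flags=..."
INET_RE = re.compile(r"\binet (\d+\.\d+\.\d+\.\d+)\s+netmask (\d+\.\d+\.\d+\.\d+)")
ETHER_RE = re.compile(r"\bether ([0-9a-f]{2}(?::[0-9a-f]{2}){5})")  # "ether 08:00:27:..."

def netmask_to_prefix(mask):
    """Dotted-quad netmask to prefix length, e.g. 255.255.255.0 -> 24."""
    bits = "".join(f"{int(octet):08b}" for octet in mask.split("."))
    if "01" in bits:  # a valid mask is ones followed by zeros only
        raise ValueError(f"non-contiguous netmask: {mask}")
    return bits.count("1")

def parse_ifconfig(text):
    """Return {interface: {ip, netmask, prefix, mac}} from net-tools ifconfig output.
    Fields that do not appear for an interface (e.g. no MAC on lo) are None."""
    ifaces = {}
    current = None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:  # a non-indented "name: flags=" line starts a new interface block
            current = m.group(1)
            ifaces[current] = {"ip": None, "netmask": None, "prefix": None, "mac": None}
            continue
        if current is None:
            continue
        m = INET_RE.search(line)
        if m:
            ifaces[current]["ip"], ifaces[current]["netmask"] = m.group(1), m.group(2)
            ifaces[current]["prefix"] = netmask_to_prefix(m.group(2))
        m = ETHER_RE.search(line)
        if m:
            ifaces[current]["mac"] = m.group(1)
    return ifaces

def diff_configs(before, after):
    """{interface: {field: (before, after)}} for every field that changed."""
    changes = {}
    for name in sorted(set(before) | set(after)):
        b, a = before.get(name, {}), after.get(name, {})
        for field in ("ip", "netmask", "prefix", "mac"):
            if b.get(field) != a.get(field):
                changes.setdefault(name, {})[field] = (b.get(field), a.get(field))
    return changes

if __name__ == "__main__":
    nat, bridged = parse_ifconfig(NAT_IFCONFIG), parse_ifconfig(BRIDGED_IFCONFIG)
    for name, info in nat.items():
        print(f"NAT {name}: ip={info['ip']}/{info['prefix']} mac={info['mac']}")
    for name, fields in diff_configs(nat, bridged).items():
        for field, (old, new) in fields.items():
            print(f"{name}.{field}: {old} -> {new}")
```

Run it against your own captures by replacing the two constants with the text of `ifconfig` taken before and after the mode switch; the diff shows that only the IPv4 address on the uplink interface changes, while the MAC address and the loopback configuration stay the same.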