@BabatundeQodri

Behavioral HTTP Threat Detection: Directory Enumeration (DirBuster-Style Reconnaissance)

Mar 3 · 17 min read · A behavioral detection that identifies automated web reconnaissance by correlating high-volume GET/HEAD requests across unique URIs, enriched with threat intelligence to reduce false positives. “I bui

Windows Endpoint Threat Detection & Persistence Analysis Using Sysmon and Splunk (MITRE T1547.001)

Mar 3 · 21 min read · This documentation presents a hands-on SOC investigation focused on detecting and validating Windows registry-based persistence using Sysmon and Splunk. The project demonstrates how common auto-start

Behavioral HTTP Threat Detection: Dashboards, Alerts & Incident Response Playbooks

Mar 3 · 55 min read · Modern web-based cyber threats evolve rapidly, and Security Operations Centers (SOCs) cannot afford delays in identifying malicious activity within HTTP traffic. This project delivers a fully engineer

Behavioral DNS Threat Detection & Automated Incident Response (Splunk, Slack, Jira)

Nov 27, 2025 · 29 min read · In modern cybersecurity operations, DNS traffic is often an overlooked channel for data exfiltration, malware beaconing, and command-and-control communications and so on. In this project, i demonstrates a complete hands-on workflow for DNS threat de...

Automated Brute-Force Login Detection & Email Alerting in Splunk (Ubuntu)

Nov 13, 2025 · 10 min read · I still can’t believe it myself — I built a Splunk-powered detection that spots and alerts brute-force login attempts on Windows hosts in under two minutes, boosting visibility and incident response efficiency by over 60%. Here’s how I made it happen...