Dennis Kontic Cybersecurity Lab Portfolio

Welcome to my cybersecurity project portfolio. This site highlights hands-on technical work across SOC analysis, digital forensics, incident response, malware analysis, threat intelligence, and detection engineering.

My goal is to show practical cybersecurity skills beyond certifications by documenting how I investigate alerts, reconstruct attacks, analyze evidence, map activity to MITRE ATT&CK, and communicate findings clearly.

Blue Team: SOC investigations, incident response, and threat hunting.
  • SOC analysis
  • Incident response
  • Threat hunting

DFIR: Windows artifacts, memory analysis, and malware triage.
  • Digital forensics
  • Memory analysis
  • Malware analysis

Detection: MITRE mapping, alert logic, and investigation workflows.
  • Detection engineering
  • Threat intelligence
  • Web security

Content: Technical writeups and DonkeySec YouTube walkthroughs.
  • Lab documentation
  • Project walkthroughs
  • Defensive security education

About This Portfolio

This portfolio is designed to give recruiters, hiring managers, and security professionals a clear view of my practical cybersecurity work. Each project focuses on how I approach evidence, analyze attacker behavior, document findings, and connect technical activity to defensive security outcomes.

The main purpose of this site is to show how I think as a blue team analyst. Instead of only listing certifications, this portfolio shows investigations, case notes, detection logic, forensic analysis, threat intelligence research, and technical walkthroughs that demonstrate applied skill.

All Technical Projects

These projects document hands-on defensive security work across lab environments, public training platforms, personal research, and sanitized professional experience.

DFIR Windows Logs: Deep Blue Investigation
Windows event log investigation involving suspicious process execution, Meterpreter-style activity, service creation, and local account persistence.

Certification Lab HTB CDSA: HTB CDSA Enterprise Intrusion Analysis
Hands-on defensive security certification project focused on enterprise intrusion analysis, incident response, evidence correlation, and professional reporting.

Certification Lab BTL1: Blue Team Level 1 BTL1
Blue team certification lab covering phishing analysis, SIEM investigations, digital forensics, incident response, threat intelligence, and defensive reporting.

Certification Lab CCDL1: CCDL1 SOC Analyst Certification
SOC analyst certification lab covering alert triage, cloud log review, AWS log analysis, threat detection, incident workflow, and investigation reporting.

Certification Lab SAL1: TryHackMe SAL1 Security Analyst
Security analyst certification project focused on SOC workflows, alert investigation, defensive operations, security tooling, and practical analyst decision making.

Certification Lab CEHv13: CEHv13 Academia ELITE Labs
Hands-on security lab bundle covering reconnaissance, enumeration, web application testing, cloud security, cryptography, malware concepts, and security tooling.

BEC Azure Logs: BEC KY Investigation
Business Email Compromise investigation using Azure audit logs, email exports, suspicious inbox rules, and financial fraud indicators.

Certification Labs CEH: CEHv13 Academia ELITE Labs
Hands-on lab bundle covering reconnaissance, enumeration, web application testing, cloud security, cryptography, and security tooling.

Malware ANY.RUN: Oski Stealc Malware Analysis
Sandbox and threat intelligence analysis of Stealc malware behavior, credential theft, configuration details, and MITRE ATT&CK mapping.

Tabletop Incident Response: APT34 OilRig Tabletop Exercise
Incident response simulation focused on unauthorized email access, lateral movement, containment, recovery, and response decision making.

Tabletop APT29: APT29 Cozy Bear Tabletop Exercise
Incident response simulation involving unauthorized access, data exfiltration concerns, containment, escalation, and recovery planning.

Tabletop Cloud: UNC3944 Scattered Spider Tabletop Exercise
Data theft tabletop exercise involving administrator misuse, cloud activity, Linux and Mac systems, containment, and team communication.

Threat Intel Crypto Theft: Tusk InfoStealer Threat Intelligence Lab
Threat intelligence investigation involving InfoStealer activity, malicious infrastructure, IOC extraction, and cryptocurrency wallet movement.

Professional Project Tabletop: Attacker Vs Six Defenders Tabletop Exercise
Defensive exercise design focused on attacker actions, defender counters, evidence sources, telemetry, and detection gap identification.

Detection Engineering MITRE ATT&CK: Full MITRE ATT&CK Coverage Map
Sanitized detection engineering project mapping attacker behavior, telemetry, and detection logic across multiple security tools.

Browser Extension Credential Theft: Malicious ChatGPT Browser Extension Analysis
Malicious browser extension analysis covering obfuscation, credential theft, keylogging, cookie access, AES encryption, and exfiltration.

Memory Forensics Volatility: Volatility Reveal Memory Analysis
Endpoint memory forensics focused on suspicious PowerShell activity, remote DLL execution, user context, and malware identification.

Network Forensics Wireshark: OpenWire Wireshark Analysis
Packet capture investigation of Apache ActiveMQ exploitation, OpenWire traffic, malicious XML retrieval, and reverse shell payload delivery.

Microsoft Sentinel SOC: Microsoft Sentinel Challenge Lab
SOC investigation lab focused on Microsoft Sentinel incidents, Log Analytics, entity review, incident ownership, and escalation workflow.

Digital Forensics OSINT: OSINT and Digital Forensics Cerulean Lab
Forensic investigation involving suspicious RDP activity, browser history, Slack usage, Google Drive activity, and Windows Defender logs.

Reverse Engineering BlackEnergy 2: Reverse Malware Engineering BlackEnergy 2 Lab
Memory-based malware investigation using Volatility 2, malfind, SSDT hooks, driver dumping, and SHA256 enrichment.

Digital Forensics Autopsy: Countdown Digital Forensics Lab
Forensic disk image investigation involving Autopsy, Windows artifacts, messaging data, browser history, thumbnail cache, and SQLite review.

OSINT Threat Intel: Haunted Company Threat Intelligence Lab
Threat intelligence investigation involving Base64 decoding, ExifTool metadata, IOC extraction, adversary analysis, and web shell attribution.

SOC Simulator Splunk: Introduction to Phishing SOC Simulator
Splunk-based SOC simulator lab focused on phishing alerts, suspicious emails, attachment evidence, case reports, and True Positive closure.

SOC Simulator Splunk: Phishing Unfolding SOC Simulator
Live phishing attack simulation involving PowerShell execution, reverse shell behavior, suspicious DNS requests, and case reporting.

Phishing ANY.RUN: Real Life Phishing Message Analysis Using ANY.RUN
Safe analysis of real phishing messages using ANY.RUN to inspect suspicious links, redirect behavior, attacker intent, and indicators.

Current Direction

This portfolio is being actively expanded with more blue team investigations, lab writeups, and sanitized detection engineering work. The goal is to show both technical depth and clear communication across defensive cybersecurity domains.

Disclosure Notice: All content in this portfolio is based on authorized labs, public training platforms, personal research, or sanitized professional experience. No confidential employer, customer, or production information is included.