Welcome

Detection engineering + incident response + offensive validation. Practical labs, clean evidence, and repeatable workflows across Windows telemetry and network data.

EchoPentest
Cisco Verified Ethical Hacker
GRCP
Cloud Security Knowledge
eJPT
Fortinet Cybersecurity Associate

Repository

Skills

Tools and platforms:

Splunk, Wazuh, Wireshark, Zeek, Sysmon, Windows Event Logs, Python, PowerShell, Threat Intel

Project spotlight

How to read these
Each project is documented like a case: environment → attack path → telemetry → detections → tuning → validation retest → remediation.

EchoPentest

Penetration testing services for small to mid-sized Irish businesses, built around practical risk reduction: findings you can fix, proof you can verify.

What you get
Executive summary + technical detail + prioritized remediation + evidence for each issue.
Typical scopes
External perimeter, internal validation, Active Directory exposure, web app testing, configuration review.
Verification mindset
Retest flow to confirm fixes and reduce recurring risk.
Business link
Portfolio focuses on engineering and proof. Business site focuses on services and delivery.
Target: small–mid Irish businesses (practical security upgrades, not vague reports).

Certifications

Cisco Verified Ethical Hacker
GRCP
Cloud Security Knowledge
eJPT
Fortinet Cybersecurity Associate

Blog & Writeups

Short reads from investigations and detections:

Detecting RDP Brute-Force in Splunk

Query examples, tuning notes, and a detection rule.

How I Read PCAPs Quickly

Filters, Zeek logs, and a triage checklist.

Contact

Email: bobonikolov02@gmail.com

LinkedIn: linkedin.com/in/bobonikolov · GitHub: github.com/Nikolov999