Kjean13/README.md

Jean K.

Cybersecurity student focused on Blue Team, SOC operations, Active Directory security, DFIR and detection engineering.

Portfolio · LinkedIn · GitHub · Email


Highlights

  • Active Directory forensics - event ingestion, timeline reconstruction, correlation and structured reporting.
  • Sigma rule governance - duplicate detection, weakness scoring, ATT&CK coverage and CI-friendly quality checks.
  • Detection labs - practical environments for validating logs, alerts, attack traces and SIEM investigation workflows.
  • Microsoft 365 / Entra ID administration - user management, Conditional Access, workstation hardening and basic incident triage.
  • Defensive infrastructure - lab deployment, monitoring stack documentation and security tooling around Windows/Linux environments.
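The Sigma rule governance highlight above names three checks (semantic duplicate detection, weakness scoring, ATT&CK coverage). As an added illustration, not RuleScope's own code and making no claim about how RuleScope implements them, the script below runs all three over a small constructed catalog. The rules are embedded as already-parsed dicts (the shape `yaml.safe_load` returns) so it runs offline; the rule IDs, sample rules and scoring heuristics are assumptions made for this example.

```python
"""Toy Sigma catalog governance: semantic duplicates, weakness score, ATT&CK coverage.

Added example, not RuleScope code. Rules are embedded as already-parsed dicts
(the shape yaml.safe_load returns), so the script runs offline without PyYAML.
"""
import hashlib
import json
import re
from collections import defaultdict

# Constructed sample catalog (assumption for the example). r1 and r2 differ only
# in title, status, key order, field-name casing and value casing, so a
# text-level diff would miss that they are the same detection.
CATALOG = [
    {"title": "Kerberoasting RC4 TGS Request", "id": "r1",
     "status": "stable", "level": "medium",
     "tags": ["attack.credential_access", "attack.t1558.003"],
     "falsepositives": ["Legacy services still negotiating RC4"],
     "detection": {"selection": {"EventID": 4769, "TicketEncryptionType": "0x17"},
                   "filter": {"ServiceName|endswith": "$"},
                   "condition": "selection and not filter"}},
    {"title": "RC4 Service Ticket (copy)", "id": "r2",
     "status": "experimental", "level": "medium",
     "tags": ["attack.t1558.003", "attack.credential_access"],
     "detection": {"filter": {"ServiceName|endswith": "$"},
                   "selection": {"TicketEncryptionType": "0X17", "EventID": 4769},
                   "condition": "selection   and not   filter"}},
    {"title": "DCSync Replication Rights Used", "id": "r3",
     "status": "test",
     "tags": ["attack.credential_access", "attack.t1003.006"],
     "detection": {"selection": {"EventID": 4662,
                                 "Properties|contains": ["1131f6aa-9c07-11d1-f79f-00c04fc2dcd2"]},
                   "condition": "selection"}},
    {"title": "Any Logon", "id": "r4", "level": "low",
     "tags": ["attack.initial_access"],
     "detection": {"selection": {"EventID": 4624}, "condition": "selection"}},
]

TECHNIQUE_TAG = re.compile(r"^attack\.(t\d{4}(?:\.\d{3})?)$")
TACTIC_TAG = re.compile(r"^attack\.([a-z_]+)$")


def _normalize(value):
    """Canonicalise detection logic: lowercase keys and string values, order lists."""
    if isinstance(value, dict):
        return {k.lower(): _normalize(v) for k, v in value.items()}
    if isinstance(value, list):
        return sorted(json.dumps(_normalize(v), sort_keys=True) for v in value)
    if isinstance(value, str):
        return value.lower()  # Sigma string matching is case-insensitive by default
    return value


def fingerprint(rule):
    """Hash of the normalised detection block; equal hashes mean semantic duplicates."""
    detection = dict(rule.get("detection", {}))
    condition = re.sub(r"\s+", " ", str(detection.pop("condition", "")).strip().lower())
    canonical = {"condition": condition, "blocks": _normalize(detection)}
    return hashlib.sha256(json.dumps(canonical, sort_keys=True).encode()).hexdigest()[:16]


def find_duplicates(catalog):
    """Return groups of rule IDs that share a detection fingerprint."""
    groups = defaultdict(list)
    for rule in catalog:
        groups[fingerprint(rule)].append(rule["id"])
    return [ids for ids in groups.values() if len(ids) > 1]


def weakness_score(rule):
    """Crude hygiene score (assumed heuristics): one point per finding, higher is weaker."""
    findings = []
    if "level" not in rule:
        findings.append("missing level")
    if not rule.get("falsepositives"):
        findings.append("no falsepositives documented")
    if not any(TECHNIQUE_TAG.match(t) for t in rule.get("tags", [])):
        findings.append("no ATT&CK technique tag")
    detection = rule.get("detection", {})
    fields = {name.split("|")[0].lower()
              for block in detection.values() if isinstance(block, dict)
              for name in block}
    if fields == {"eventid"}:
        findings.append("matches on EventID alone (too broad)")
    return len(findings), findings


def attack_coverage(catalog):
    """Map each tagged ATT&CK tactic to the sorted technique IDs the catalog covers."""
    coverage = defaultdict(set)
    for rule in catalog:
        tags = rule.get("tags", [])
        techniques = {m.group(1).upper() for m in map(TECHNIQUE_TAG.match, tags) if m}
        tactics = [m.group(1) for m in map(TACTIC_TAG.match, tags) if m]
        for tactic in tactics:
            coverage[tactic].update(techniques)
    return {tactic: sorted(techs) for tactic, techs in coverage.items()}


if __name__ == "__main__":
    print("duplicates:", find_duplicates(CATALOG))
    for rule in CATALOG:
        print(rule["id"], weakness_score(rule))
    print("coverage:", attack_coverage(CATALOG))
```

Run as a script it reports r1/r2 as one duplicate group, gives r4 the weakest score (no false-positive notes, no technique tag, and a selection that fires on every 4624), and shows that `initial_access` is tagged as a tactic but covered by no technique, which is the kind of gap a CI quality gate would fail on.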

Projects

  • ADFT - Active Directory Forensic Toolkit for Windows event ingestion, correlation, timeline reconstruction and reporting.
    Repository

  • RuleScope - Sigma Rule Governance CLI for rule quality, catalog hygiene, duplicate detection and ATT&CK coverage.
    Repository

  • GOAD-Light Deployment - deployment guide for a vulnerable Active Directory lab with a defensive monitoring stack.
    Repository


Stack recap

  • Languages: Python, PowerShell, Bash
  • Systems: Linux, Ubuntu, Windows, Docker
  • Security: Splunk, Wazuh, Elastic, Wireshark, Suricata, Zeek, OpenCTI
  • Cloud: Microsoft 365, Entra ID, Azure, Intune

Current Focus

  • Active Directory security
  • DFIR methodology
  • SOC investigation
  • Detection engineering
  • SIEM workflows
  • Infrastructure hardening

Pinned repositories

  • ADFT (Python) - Active Directory Forensic Toolkit: detect and reconstruct AD attacks from Windows event logs (EVTX).
  • rulescope (Python) - Governance engine for Sigma detection catalogs: semantic duplicate detection, weakness scoring, ATT&CK coverage and CI quality gates.
  • aiagent-detection-rules (Shell) - Detection rules for the Claude Code source leak: 16 Sigma rules, Splunk, Elastic and YARA. Lab-validated on GOAD Light DC02.
  • goad-light-deployment - Deploying Orange Cyberdefense's GOAD-Light on VirtualBox: step-by-step guide with troubleshooting and detection stack.