juansasoc/README.md
╔═══════════════════════════════════════════════════════════════════════════╗
║              Juan Rivera — Cloud Security & Detection Engineer            ║
║         Azure • AWS • Threat Hunting • ELK/ES|QL • AI Red Teaming         ║
╚═══════════════════════════════════════════════════════════════════════════╝
  • AWS-Threat-Hunting-Field-Guide — A field guide for threat hunting in AWS environments; includes ES|QL queries, Sigma rules, AI-prompt templates, and a private-ready emerging threats pack for IPFS/Web3 and advanced malware toolkits.

  • AI-Prompting-for-Threat-Hunting — A field guide showing how SOC analysts and detection engineers can use AI prompting to accelerate threat hunting. Includes reusable prompt templates, platform examples (Windows, Azure, AWS, Elastic), and an AI glossary with evaluation checklists.

  • AZ-104-Anki-Flashcards — A complete study companion for the Microsoft Certified: Azure Administrator (AZ-104) exam. Includes domain decks, scenario-based challenges, and mock exams in Anki TSV format for hands-on study and review.

  • KQL Field Guide — A reference of practical Kusto Query Language (KQL) queries, hunting techniques, and notes for SOC analysts.

  • Microsoft SC-200 Anki Flashcards — Flashcards for Microsoft’s SC-200 Security Operations Analyst exam, available in TSV format for Anki.

  • Threat Hunting: TOR-Detection — A focused threat-hunting scenario exploring how to detect and analyze TOR network activity through proxy logs, DNS telemetry, and behavioral indicators.

  • Vulnerability-Management — A focused collection of playbooks and analysis workflows for identifying, prioritizing, and mitigating security weaknesses across enterprise environments.

  • WindowsEventLog-Analysis (Azure Honeynet) — A deep-dive hunting scenario leveraging Windows Event Logs to uncover persistence, lateral movement, and privilege escalation attempts.

  • My LinkedIn - ☁️ Cloud security by day, threat hunting by night — now with a side of AI. Building labs so real they almost need incident response.

  • 🔭 Check back for future projects, including an updated Azure Honeynet 2.0 by Winter 2025! 👀

  • ⚡ Fun fact: I'm a martial artist (Brazilian Jiu Jitsu, Judo)

Pinned

  1. AI-Prompting-for-Threat-Hunting (Public)

    AI-driven prompt library for threat hunters: ready-to-use prompts and templates to accelerate investigations and hunt workflows in Azure Sentinel, Defender, and SOC environments.

  2. AZ-104-Anki-Flashcards (Public)

    Anki flashcards aligned with Microsoft Learn AZ-104 modules and official hands-on labs. Covers core Azure administration — identity, governance, compute, storage, networking, and monitoring.


  3. AWS-Threat-Hunting-Field-Guide (Public)

    Field guide for threat hunting in AWS: workbooks, queries, and frameworks tailored for CloudTrail, GuardDuty, Detective, and real-world SOC investigations.

  4. KQL-Field-Guide (Public)

    A comprehensive reference for detection engineers and threat hunters working with Microsoft Sentinel and M365 Defender. This repo combines field guide material (style, optimization, pivoting) with …


  5. Azure-Project (Public)

    This project demonstrates practical, real-world threat hunting skills across Azure and Windows environments.