Skip to content
View Lovedipsingh's full-sized avatar
1 follower · 0 following
  • Indianapolis, Indiana

Block or report Lovedipsingh

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Lovedipsingh/README.md

Lovedip Singh

SOC Analyst | Security+ | Network+ | U.S. Army Veteran (Secret Clearance)

I investigate security incidents, build detection tools, and analyze network traffic. Seven years in the Army taught me how to troubleshoot under pressure and document findings clearly. Now I'm applying that to cybersecurity.

Currently pursuing SOC Analyst roles in both private sector and government/cleared positions.

Projects

Microsoft Sentinel - KQL Detection Lab
Built 5 production-ready KQL detection rules for credential attacks (T1110, T1078). Added temporal correlation logic and RFC1918 IPv4/IPv6 filtering. Reduced false positives by 96% through LogonType scoping.

Splunk SOC Lab - BOTSv3
Investigated 1.28M Windows Security and Sysmon events. Identified SYSTEM-level PowerShell C2 beaconing to Vultr infrastructure. Wrote SPL correlation queries and mapped findings to MITRE ATT&CK T1059.001 and T1071.001.

Active Directory Attack Detection Lab
Simulated brute force, rogue account creation, and privilege escalation attacks against a Windows domain. Built SPL queries to detect each attack pattern using Event IDs 4625, 4720, 4728, and 4732.

Technical Skills

SIEM & Detection: Splunk (SPL), Microsoft Sentinel (KQL), Windows Event Logs, Sysmon, IOC identification, alert triage
Security Tools: Wireshark, Nmap, Metasploit, Kali Linux
Scripting: Python (Flask, Scapy, automation)
Frameworks: MITRE ATT&CK, NIST CSF, PICERL
Networking: TCP/IP, DNS, HTTP/S, ARP, packet analysis
Operating Systems: Windows (Event Logs, Sysmon, PowerShell), Linux (Kali, Ubuntu)

Certifications

  • CompTIA Security+ (SY0-701) - February 2026
  • CompTIA Network+ (N10-009) - February 2026
  • CompTIA CySA+ (CS0-003) - Scheduled April 2026

Military Service

U.S. Army Staff Sergeant (E6) | 7.5 Years | Honorable Discharge
Secret clearance held for 7.5 years. Supervised 300+ personnel and managed $500M+ in assets with zero loss. Veterans preference eligible.

Connect

📧 lovedip590@outlook.com
🔗 LinkedIn

Pinned Loading

  1. Malwarebox Malwarebox Public

    🛡️ A Python-based malware analysis sandbox with a web dashboard — static analysis, IOC detection, entropy scoring, and dynamic behaviour monitoring.

    Python

  2. network-traffic-analyzer network-traffic-analyzer Public

    Real-time network packet capture and threat detection tool — detects port scans, ARP spoofing, DNS tunneling, and data exfiltration

    Python

  3. Phishing-Detector Phishing-Detector Public

    Python-based phishing email analyzer with a web dashboard — detects spoofed headers, malicious URLs, brand impersonation, and IOCs with risk scoring 0-100

    HTML

  4. splunk-soc-lab splunk-soc-lab Public

    Splunk SOC investigation lab using Windows Security and Sysmon logs detects failed logons, anomalous PowerShell execution, and C2 beacon activity across lab endpoints using the BOTS v3 dataset

  5. Wireshark-Network-Analysis-Lab Wireshark-Network-Analysis-Lab Public

    Hands-on network traffic analysis lab using Wireshark and Nmap against Metasploitable2 — captures port scans, identifies 21 vulnerable services, and documents critical CVEs in an isolated Kali Linu…