NSVEXL/README.md

Hi, I'm Nelson (NSVEXL) 👋

🛡️ Operations Coordinator Team & Corporate Client Management

10 years in Physical Security to Cybersecurity Operations. I bridge the gap between real-world security protocols and digital threat landscapes through automation, log analysis, and AI-driven tooling.


🚀 Latest Project

A lightweight, fully functional SIEM built in Python that ingests real Linux and firewall logs, detects attack patterns, classifies them using the MITRE ATT&CK framework, and visualizes everything in a real-time web dashboard with VirusTotal IP enrichment.

| Detection Rule | MITRE ID | Tactic | Severity |
|---|---|---|---|
| SSH Brute Force | T1110 | Credential Access | 🔴 HIGH |
| Port Scan | T1046 | Discovery | 🟡 MEDIUM |
| Privilege Escalation | T1548 | Privilege Escalation | 🔴 CRITICAL |
| Credential Dumping | T1003 | Credential Access | 🔴 CRITICAL |
| Off-Hours Login | T1078 | Initial Access | 🟡 MEDIUM |

Stack: Python · Flask · Pandas · Chart.js · VirusTotal API v3 · MITRE ATT&CK


πŸ› οΈ Technical Arsenal

  • Languages: Python (Security Automation), Bash, Linux CLI
  • Security Tools: Wireshark, Nmap, SIEM, Google Chronicle, VirusTotal API
  • Frameworks: MITRE ATT&CK, Zero-Trust Architecture, NIST CSF
  • AI & Automation: CrewAI, Gemini 2.5 Flash, FastAPI, multi-agent systems
  • Cloud: Google Cloud Platform

πŸ› οΈ Tech Stack & Tools

Python Linux Flask Google Cloud Wireshark CrewAI


📜 Certifications & Education

  • ✅ TryHackMe Cyber Security 101 — Completed March 2026
  • ✅ Google Cybersecurity Professional Certificate — Completed 2025
  • 🔄 CompTIA Security+ — In Progress
  • 🔄 TryHackMe SOC Level 1 — 2026

πŸ› οΈ Featured Security Projects

Log Analysis & Threat Detection Dashboard Lightweight SIEM in Python that parses Linux/firewall logs, detects attack patterns, maps them to MITRE ATT&CK, and visualizes everything in a Flask dashboard with VirusTotal IP enrichment.

AI-Powered Incident Response Triage Multi-agent system using Python and CrewAI that automates IP reputation checks via VirusTotal API. Reduces triage time by analyzing logs and providing structured summaries for human analysts.

Zero-Trust AI Web Filter Extension Chrome extension using Python + FastAPI providing real-time threat analysis. Combines DOM context scraping with the VirusTotal API and Gemini 2.5 to dynamically evaluate and block zero-day phishing and malicious web content.

System Access & Security Utility Python-based utility focused on system hardening and automated access control.


⚡ Connect with me

LinkedIn TryHackMe

Pinned

  1. ai-soc-analyst (Public)

    AI-powered SOC Analyst tool for automated IP reputation triage. Built with Python, CrewAI, Gemini 2.5 Flash, and VirusTotal API.

    Python

  2. Locker-Script (Public)

    Easy as locker script.