Kjean13/README.md

Jean K.

Infrastructure & Cybersecurity Student • Blue Team • SOC • Active Directory Security



About Me

Hi, I’m Jean.

I am currently studying Infrastructure and Cybersecurity, with a practical focus on:

  • Blue Team operations
  • SOC workflows and security monitoring
  • Active Directory security
  • DFIR fundamentals
  • Detection engineering
  • System and network administration

I use personal projects to strengthen my technical skills, document my progress, and build a more operational understanding of cybersecurity environments.


Current Focus

  • Building a personal SOC / Blue Team lab
  • Developing ADFT — an Active Directory forensic analysis project
  • Practicing log analysis, detection logic and investigation workflows
  • Improving my skills in Windows event analysis, SIEM usage, MITRE ATT&CK and threat hunting
  • Connecting tools such as Wazuh, Suricata, Zeek, IRIS, OpenCTI, n8n and Python automation

Featured Projects

ADFT — Active Directory Forensic Toolkit

ADFT is a Python-based project focused on helping defenders analyze suspicious activity in Active Directory environments.

Current work includes:

  • ingestion of EVTX, JSON and SIEM-like logs
  • event parsing and normalization
  • detection-oriented analysis
  • MITRE ATT&CK mapping
  • timeline reconstruction
  • suspicious AD activity investigation support
  • defender-oriented outputs for analysis and hardening

Goal: build a practical and understandable investigation toolkit for Blue Team and Active Directory security use cases.

🔗 Repository: ADFT
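As an added illustration of the ingestion, normalization, MITRE ATT&CK mapping and timeline-reconstruction steps listed above (example code written for this page, not ADFT's own), this assumes a hypothetical EVTX-as-JSON record layout, a small illustrative event-ID-to-technique table, and constructed sample events:

```python
from dataclasses import dataclass
from datetime import datetime

# Hypothetical event-ID -> ATT&CK technique table (illustrative, not ADFT's own).
ATTACK_MAP = {
    4720: "T1136.002",  # user account created
    4728: "T1098",      # member added to a security-enabled global group
    4769: "T1558.003",  # Kerberos TGS request; flagged only when RC4 (see below)
}

@dataclass
class Event:  # common schema every source is normalized into
    ts: datetime
    event_id: int
    host: str
    user: str
    target: str
    technique: str  # ATT&CK technique ID, or "" when the event is routine

def normalize(record: dict) -> Event:
    """Flatten one EVTX-as-JSON record (System/EventData layout) into an Event."""
    sysb, data = record["Event"]["System"], record["Event"]["EventData"]
    eid = int(sysb["EventID"])
    ts = datetime.fromisoformat(sysb["TimeCreated"]["SystemTime"].replace("Z", "+00:00"))
    technique = ATTACK_MAP.get(eid, "")
    # 4769 is routine traffic; the Kerberoasting signal is an RC4 (0x17) ticket.
    if eid == 4769 and data.get("TicketEncryptionType") != "0x17":
        technique = ""
    user = data.get("SubjectUserName") or data.get("TargetUserName", "-")
    target = data.get("ServiceName") or data.get("TargetUserName", "-")
    return Event(ts, eid, sysb["Computer"], user, target, technique)

def build_timeline(records: list) -> list:
    """Normalize every record and order the result chronologically."""
    return sorted((normalize(r) for r in records), key=lambda e: e.ts)

def flagged(timeline: list) -> list:
    """(event_id, technique) pairs for the events that mapped to ATT&CK."""
    return [(e.event_id, e.technique) for e in timeline if e.technique]

def _rec(time, eid, host, **data):  # builder for the constructed sample records
    return {"Event": {"System": {"EventID": eid, "Computer": host,
                                 "TimeCreated": {"SystemTime": time}},
                      "EventData": data}}

SAMPLE = [  # constructed sample events, deliberately out of order
    _rec("2026-01-10T09:05:00Z", 4769, "DC01", TargetUserName="alice", ServiceName="svc_sql", TicketEncryptionType="0x17"),
    _rec("2026-01-10T09:04:00Z", 4728, "DC01", SubjectUserName="alice", TargetUserName="Domain Admins"),
    _rec("2026-01-10T09:03:00Z", 4720, "DC01", SubjectUserName="alice", TargetUserName="backup_adm"),
    _rec("2026-01-10T09:02:00Z", 4769, "DC01", TargetUserName="bob", ServiceName="krbtgt", TicketEncryptionType="0x12"),
]
```

Running `build_timeline(SAMPLE)` yields the four events in time order, with only the account creation, the group-membership change and the RC4 service-ticket request carrying a technique ID; the AES ticket request stays unflagged.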


SOC / Security Lab

A personal lab environment designed to explore realistic defensive workflows.

Main objectives:

  • simulate security-relevant activity
  • collect and analyze logs
  • test detections
  • validate investigation workflows
  • connect several tools in a more operational way

Technologies used:

  • Windows / Active Directory
  • Linux
  • Docker
  • Wazuh
  • Suricata
  • Zeek
  • OpenCTI
  • n8n
  • Python
  • PowerShell

Technical Stack



What I’m Developing

  • Active Directory security analysis
  • Detection engineering fundamentals
  • SOC workflows
  • DFIR practice
  • Threat hunting methodology
  • Security monitoring
  • Defensive tooling and automation

Connect With Me


2026 Goals

  • continue improving ADFT into a solid public project
  • strengthen my SOC, Blue Team and Active Directory security skills
  • publish a clean and credible cybersecurity portfolio
  • build practical projects aligned with real defensive needs
  • secure a strong opportunity in SOC, Blue Team or Cyber Defense

Build • Detect • Investigate • Improve

Pinned

  1. ADFT (Public)

    Active Directory Forensic Toolkit: Detect & reconstruct AD attacks from Windows event logs (EVTX)

    Python · 49 stars · 2 forks