Multi-VM environment running on QEMU/KVM with isolated network segments. Hosts an Active Directory domain, a Kali attack box, and various target machines for practicing real-world attack and defense scenarios.

Built a full AD domain from scratch — domain controller, OU structure, Group Policy Objects, and RBAC security groups. Used to practice provisioning, privilege escalation paths, and hardening techniques.

Deployed Wireshark and tcpdump across lab segments to capture and analyze traffic. Practiced identifying anomalous patterns, clear-text credential exposure, and common protocol behaviors (DNS, SMB, HTTP).

Ongoing practice through Osprey Security Club workshops and independent lab work. Focus areas include enumeration, privilege escalation on Windows/Linux, and common web vulnerabilities. Using TryHackMe and local VMs.

Configured a software-based firewall with zoned network rules to segment lab traffic. Set up a personal VPN server to practice tunnel configuration, certificate management, and encrypted remote access.

Collection of Python and PowerShell scripts to automate repetitive security tasks — AD user auditing, log parsing, port scanning wrappers, and patch compliance checks. Built to mirror real enterprise workflows.

Plan to deploy Wazuh as a SIEM/XDR in the home lab. Will configure log ingestion from Windows and Linux endpoints, build detection rules for common attack techniques, and practice alert triage workflows.