Cam's Projects

Hacking A Website (Well Two)

Google Gruyere Hack: In this project, I conducted a comprehensive vulnerability assessment of the Google Gruyere site. I performed various types of attacks including brute force attacks, cross-site scripting (XSS), phishing, and client-state manipulation. Along with these attacks, I also provided valuable prevention methods for each type of attack, demonstrating my deep understanding of both offensive and defensive aspects of cybersecurity.

Juice Shop Hack: For this project, I carried out penetration testing on the OWASP Juice Shop, a more challenging platform with modern vulnerabilities. I attempted various exploits including AI exploitation, accessing confidential documents, blockchain crypto payment address redirection, search bar exploitation, and even a DDOS attack. For each exploit, I explained the tools and methods I used, and suggested mitigations to prevent such attacks in the future.

Both of these projects showcase my skills in ethical hacking and my understanding of cybersecurity principles. They highlight my ability to identify vulnerabilities, exploit them, and suggest preventive measures. These projects are a testament to my commitment to improving the security of digital systems. As always, I ensure to have permission before attempting to find vulnerabilities in a system or network, as unauthorized hacking is illegal and unethical.

Vulnerability & Risk Management

Configured Nessus Essentials to perform credentialed vulnerability scans on Windows 10 Hosts. Established a comprehensive Vulnerability Management Function in sandbox networks, including discovery, prioritization, assessment, reporting, remediation, and verification. Conducted vulnerability assessments with Nessus and implemented remediation processes for identified issues. Designed an automated system to proactively address vulnerabilities caused by Windows Updates and third-party software.

SQL Database Creation for Sports League and Video Game

Designed an efficient relational database schema with tables, relationships, and constraints to support data management needs. Developed optimized SQL queries for data retrieval, analysis, and reporting, leveraging indexing and query optimization techniques to enhance performance.

AWS Networking VPC

Transformed a private subnet into a public one by configuring an internet gateway and routing external connectivity. Established secure access to a MySQL server within the private subnet by implementing tailored outbound rules. Additionally, optimized the network configuration to ensure scalability, efficiency, and secure resource accessibility.

AWS S3 Static Website and Server Site

Customized a website using an HTML template and hosted it on Amazon S3. Configured the S3 bucket, managed permissions, and deployed the website to ensure accessibility. Set up and configured an HTTPD server, routed traffic to the S3 website endpoint, and verified the system’s functionality. Files were effectively copied from S3 to the server directory for seamless integration.

Web Development and Server Management

Created a dedicated directory and index.html file for a new website. Configured a Virtual Host with tailored parameters, including ServerAdmin, ServerName, ServerAlias, DocumentRoot, ErrorLog, and CustomLog. Enabled the site, ensured smooth operation of the Apache server, and updated the hosts file for accurate site redirection.

Building a Network

Designed tailored network topologies to suit the unique layouts and device requirements of various buildings. For Scovil, developed a tree topology to optimize connectivity across multiple floors using switches. In Gorin, implemented a ring topology to address the building's specific device placement needs. Designed a hybrid topology for University Commons (UC) to accommodate its diverse layout across multiple floors. Established a centralized star topology for PCN and a point-to-point/bus topology for Kirkland, ensuring efficient connectivity for fewer devices.