Kjean13/README.md

Jean Koumou

JKM

Cybersecurity Engineering Student | Blue Team | DFIR | Detection Engineering

Portfolio · LinkedIn · GitHub · Email

======================================================================
 BLUE TEAM | DFIR | CYBER THREAT INTELLIGENCE | DETECTION ENGINEERING
======================================================================

Profile

  • Cybersecurity engineering student at ESIEA, building a profile around vulnerability analysis, defensive tooling and security automation.
  • Cyber Threat Intelligence Analyst at ******, working on digital evidence, suspicious infrastructure, IOC enrichment and structured reporting.
  • Hands-on experience with Windows, Linux, Active Directory, Microsoft 365, SIEM deployment and incident triage.
  • Seeking a 36-month cybersecurity apprenticeship in France on a two-weeks-in-company / two-weeks-at-school schedule.

Featured Projects

Offline Windows and Active Directory investigation toolkit with a CLI and local web interface.

  • EVTX, JSON, CSV, CEF, XML, Syslog and ZIP ingestion
  • deterministic detections and correlations
  • timeline reconstruction, attack-path analysis and exposure scoring
  • HTML, JSON, CSV, ATT&CK Navigator and Mermaid exports

Python EVTX FastAPI MITRE ATT&CK DFIR

Open-source local anti-infostealer hardening tool for Linux and Windows.

  • synchronous Linux pre-read protection with fanotify
  • explainable ALLOW / DENY decisions and local evidence logs
  • Windows observe and hardening backend with reversible controls
  • Safe Capture Demo, rollback workflow, CI gates and packaged V1.0.0 release

Python Bash PowerShell Linux Windows systemd

View V1.0.0 release

Personal deployment and defensive monitoring guide built around Orange Cyberdefense's GOAD-Light lab.

  • vulnerable Active Directory environment
  • Windows and Sysmon log collection with Wazuh
  • Suricata network visibility
  • controlled attack scenarios for detection validation and investigation practice

Active Directory Wazuh Sysmon Suricata Ansible VirtualBox

Technical Stack

Python PowerShell Bash Linux Windows Docker Git

  • Detection and investigation: SIEM, EDR, Sysmon, Sigma, MITRE ATT&CK, EVTX, IOC analysis
  • Infrastructure: Active Directory, Windows Server, Linux, Microsoft 365, Entra ID, Docker, Ansible
  • Network and reconnaissance: TCP/IP, DNS, Wireshark, Nmap, Shodan, Suricata, Zeek
  • Security platforms: Splunk, Wazuh, Elastic, OpenCTI

Current Focus

  • Active Directory forensics and attack-path reconstruction
  • SOC investigation and SIEM workflows
  • Detection engineering and rule quality
  • Local endpoint hardening and anti-infostealer research
  • CTI, IOC enrichment and incident reporting

Training

  • Cisco CyberOps: SOC Operations
  • NIST Cybersecurity Framework 2.0
  • CyberDefenders

Pinned repositories

  1. ADFT (Public)

     Active Directory Forensic Toolkit: Detect & reconstruct AD attacks from Windows event logs (EVTX)

     Python · 51 stars · 2 forks

  2. stealerxhunter (Public archive)

     Strict local anti-infostealer hardening for Linux and Windows.

     Python · 1 star

  3. aiagent-detection-rules (Public)

     Detection rules for the Claude Code source leak: 16 Sigma rules, Splunk, Elastic, YARA. Lab-validated on GOAD Light DC02.

     Shell · 3 stars

  4. goad-light-deployment (Public)

     Deploying Orange Cyberdefense's GOAD-Light on VirtualBox | step-by-step guide with troubleshooting and detection stack

     3 stars · 1 fork