raoulmoise - Overview

πŸ›‘οΈ Raoul's Cybersecurity Homelab

Hands-on Blue Team environment for learning and documenting cybersecurity detection, response, and hardening techniques.
This repo tracks configurations, tools, and use cases from my practical homelab — focusing on SIEM, threat detection, and incident response.



πŸ‘¨β€πŸ’» About Me

I'm Raoul, a Senior Network Engineer with a background in networking and virtualization, now building a Blue Team–focused cybersecurity homelab.
My goal is to develop practical, hands-on skills in SIEM deployment, endpoint monitoring, and log correlation, while documenting every setup step for transparency and reproducibility.

This repository serves as my structured learning journal, covering topics ranging from building a secure Windows domain to detecting simulated attacks using open-source tools.

πŸ“ Based in Romania | 🧠 Learning through real-world simulation

Focus: Threat detection, system hardening, and incident response across hybrid environments.


🔧 Lab Stack & Tools

  • 🧰 Proxmox – Virtualization host for lab infrastructure
  • 💻 Windows AD / Sysmon / Winlogbeat – Domain, endpoint, and event telemetry
  • 🪶 Wazuh – SIEM, EDR, and log analysis
  • 🐳 Docker – Containerized tooling (ELK, TheHive, Cortex, Security Onion)
  • 📊 Grafana / Loki / Prometheus – Observability and metrics correlation
  • 🧠 Atomic Red Team / Caldera / Sigma Rules – Adversary simulation and detection logic
  • 🧩 Suricata / Zeek – Network-based detection

🔗 Connect

📫 GitHub: @raoulmoise

🚀 LinkedIn: https://www.linkedin.com/in/raoul-moise-7b7005174/


“Consistency over pressure. Precision over panic.”
This is an ongoing systems-building lab, not a motivational sprint.