Skip to content
View mdfadhih's full-sized avatar

Block or report mdfadhih

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
mdfadhih/README.md

Hi πŸ‘‹, I'm Mohamed Fadhih

Security & Cloud Engineer | Full Stack Developer

Azure Sentinel β€’ Wazuh β€’ Splunk β€’ KQL β€’ Python β€’ React β€’ Node.js β€’ TypeScript β€’ Melbourne, Australia

Master of Cybersecurity (Monash, Group of Eight) | AWS Certified | Full Work Rights (485 Visa)

πŸ” Cybersecurity Portfolio: https://cybersecurity-portfolio-drab.vercel.app | 🌐 Dev Portfolio: https://my-portfolio-seven-tawny-79.vercel.app

πŸ’Ό LinkedIn: https://www.linkedin.com/in/fadhih | πŸ’» GitHub: https://github.com/mdfadhih

profile views


πŸš€ About Me

Security & Cloud Engineer and Full Stack Developer with 3+ years building production applications and hands-on SOC operations experience across Azure Sentinel, Wazuh, and Splunk.

  • πŸ” Built 3 cybersecurity projects β€” Azure Sentinel SOC lab, Wazuh+Splunk home lab (1,195 alerts), Python OWASP scanner
  • πŸ›‘οΈ SOC internship at Digillium β€” 500+ monthly alerts triaged, zero missed critical events, 20% false positive reduction
  • ☁️ AWS CCP certified | Master of Cybersecurity β€” Monash University (Group of Eight)
  • πŸ€– Built DocuChat β€” full-stack RAG app with Gemini AI, vector embeddings and streaming responses
  • ⚑ 8+ production applications serving 10,000+ daily users
  • 🌏 Based in Melbourne, Australia with full work rights (485 Visa)

πŸ” What Makes My Profile Different

I combine security operations, cloud engineering, and full stack development β€” meaning I don't just detect threats, I understand how systems are built and where they break.

  • βœ… SOC operations β€” real internship experience triaging 500+ monthly alerts in 24/7 production
  • βœ… Hands-on lab work β€” 1,195 Wazuh alerts, Azure Sentinel KQL rules, Kali Linux attack simulations
  • βœ… Secure development β€” OWASP Top 10, JWT/OAuth 2.0, IAM least-privilege built into every project
  • βœ… AI engineering β€” RAG pipelines, vector search, LLM integration, streaming responses

πŸ’» Tech Stack

πŸ” Security

Azure Sentinel Splunk Wazuh Kali Linux OWASP Metasploit

Frontend

React Next.js TypeScript JavaScript HTML5 CSS3 Tailwind CSS

AI & Backend

Gemini AI Node.js Express Python Flask

Database & Vector Search

Supabase PostgreSQL MySQL

DevOps & Cloud

AWS Azure Vercel Docker GitHub Actions Git

State Management & Testing

Redux Jest


πŸ† Featured Projects

Tech: Azure Sentinel Β· KQL Β· AWS CloudTrail Β· GuardDuty Β· Windows Server 2022 Β· NIST IR

Cloud SOC detection lab on Microsoft Azure β€” simulated 5 MITRE ATT&CK techniques, wrote 8 custom KQL detection rules, documented 3 NIST IR incident reports.

  • 🎯 5 attack simulations: T1110 brute force Β· T1053 persistence Β· T1059.001 PowerShell Β· T1087 enumeration Β· T1078 valid accounts
  • πŸ” 8 custom KQL Sentinel Analytics rules with MITRE mapping and tuning notes
  • πŸ“‹ 3 full NIST IR incident reports with evidence chains and remediation
  • ☁️ AWS CloudTrail + GuardDuty layer for cloud threat detection

Tech: Wazuh 4.7 Β· Splunk 9.2 Β· Kali Linux Β· VirtualBox Β· Metasploit Β· Hydra Β· Sysmon

3-VM home SOC lab β€” Ubuntu (Wazuh SIEM), Windows Server 2022 (target), Kali Linux (attacker). Real attacks, real detections.

  • 🚨 1,195 total Wazuh alerts Β· Level 12 Critical detection (T1484 β€” Administrators group changed)
  • βš”οΈ nmap Β· Hydra Β· Metasploit EternalBlue from Kali Linux attacker VM
  • πŸ“Š 3 Splunk dashboards: Failed Login Monitor Β· Process Creation Β· Security Events Overview
  • πŸ“‹ 3 NIST IR incident reports covering reconnaissance, brute force, privilege escalation

Tech: Python 3.11 Β· Docker Β· GitHub Actions Β· OWASP Β· DVWA Β· pytest

Custom Python web vulnerability scanner with 5 OWASP checks and HTML report generation.

  • πŸ” 5 checks: SQL injection (A03) Β· XSS (A03) Β· Open ports (A05) Β· Security headers (A05) Β· Directory traversal (A01)
  • πŸ“„ Generates HTML reports with severity ratings, OWASP reference and remediation guidance
  • 🐳 Dockerised + GitHub Actions CI β€” spins up DVWA, runs pytest, executes full scan on every push
  • βœ… Confirmed detections across all 5 OWASP checks against DVWA

Tech: React Β· TypeScript Β· Node.js Β· Gemini AI Β· Supabase pgvector Β· Vercel Β· Render

Full-stack RAG application β€” upload any PDF and chat with it using natural language.

  • 🧠 Complete RAG pipeline: PDF parsing β†’ chunking β†’ vector embeddings β†’ cosine similarity β†’ streaming LLM response
  • ⚑ Streaming responses token by token using Server-Sent Events
  • 🎯 Dynamic question suggestions generated from document content using Gemini AI
  • πŸ—„οΈ Vector storage with Supabase pgvector (768-dim Gemini embeddings)

Tech: React Β· TypeScript Β· AWS Lambda Β· S3 Β· API Gateway Β· IAM

  • Serverless architecture with secure S3 upload using presigned URLs and IAM least-privilege access control
  • Reduced image processing time by 30% with optimised Lambda functions
  • Sub-second response times across all endpoints

Tech: React Β· TypeScript Β· Python (Flask) Β· PostgreSQL Β· Mapbox

  • Full-stack application with dynamic filtering and map visualisation
  • Optimised PostgreSQL queries achieving sub-200ms response times
  • Increased user engagement by 35% through geospatial interface

πŸ“ˆ GitHub Stats


🎯 Current Focus

  • πŸ” Actively seeking SOC Analyst / Security Analyst roles in Melbourne
  • πŸ›‘οΈ Studying CompTIA Security+ SY0-701 (expected Aug 2026)
  • πŸ€– Building AI-powered applications with RAG pipelines and LLM integration
  • ☁️ Expanding AWS and Azure security expertise
  • πŸš€ Building production-ready applications with Next.js and TypeScript

πŸ“« Let's Connect

πŸ“ Melbourne, Australia | πŸ’Ό Open to: SOC Analyst Β· Security Analyst Β· Cloud Security Β· Full Stack Engineer


⚑ I combine security operations, cloud engineering, and full stack development β€” building things that are fast, secure, and production-ready.

Pinned Loading

  1. Cloud_Based_Image_Storage Cloud_Based_Image_Storage Public

    Cloud-native image tagging platform using React, AWS Lambda, S3, and DynamoDB.

    TypeScript

  2. EasyOrder EasyOrder Public

    WhatsApp ordering system with product listing, cart functionality, and responsive UI.

    JavaScript

  3. GenderEq GenderEq Public

    Job discovery platform with childcare mapping and company comparison built with React and Flask.

    CSS

  4. my-portfolio my-portfolio Public

    Developer portfolio built with React showcasing frontend projects, cloud applications, and live demos.

    JavaScript

  5. Docuchat Docuchat Public

    πŸ€– RAG-powered document Q&A β€” upload any PDF and chat with it using Gemini AI, vector embeddings and streaming responses

    TypeScript