Fazeel Azam Cap-Levi

👾 Fazeel Azam 👾

┌──(analyst@blueteam)-[~]
└─$ whoami

Cybersecurity graduate specializing in Blue Team operations, digital forensics, and incident response. I focus on threat detection, log analysis, and defensive security strategies. While I have experience in offensive security, my passion lies in defending systems and investigating security incidents.

Blue Team Focus Areas

blue_team_expertise = {
    "dfir": ["Digital Forensics", "Incident Response", "Memory Analysis", "Disk Forensics"],
    "detection": ["SIEM Operations", "Log Analysis", "Threat Hunting", "IOC Identification"],
    "analysis": ["Network Traffic Analysis", "Malware Analysis", "Timeline Reconstruction"],
    "security_ops": ["Security Monitoring", "Alert Triage", "Threat Intelligence", "Case Documentation"]
}

Technical Arsenal

🔧 Languages & Scripting

🌐 Web Development

🗄️ Databases

🔵 Blue Team Tools

🔴 Red Team Tools (Purple Team Ops)

HackTheBox Sherlocks

🔵 Sherlocks Completed: [49/128] 🕵️

View My HTB Profile

I exclusively focus on HackTheBox Sherlocks, which are blue team-focused challenges involving:

Digital forensics investigations
Incident response scenarios
Log analysis and correlation
Threat actor TTPs identification
Timeline reconstruction
Evidence analysis and reporting

📚 Sherlock Writeups Repository

[+] Detailed writeups for each Sherlock challenge
[+] Investigation methodologies and tools used
[+] Key findings and lessons learned
[+] Link: https://cap-levi.github.io

Completed Sherlocks

→ Check the writeups repository for detailed investigations
→ Updated regularly as new Sherlocks are released
→ Each writeup includes: Timeline, IOCs, Tools, and Analysis

Current Operations

#!/bin/bash

current_focus=(
    "Solving and documenting HackTheBox Sherlocks"
    "Building DFIR automation tools"
    "Developing security monitoring dashboards"
    "Creating threat detection rules and playbooks"
    "Learning advanced forensics techniques"
)

for operation in "${current_focus[@]}"; do
    echo "[*] $operation"
done

Development Projects

Building security-focused applications:

DFIR Tools: Python scripts for log parsing and analysis
Security Dashboards: Web-based monitoring interfaces with Next.js
API Development: FastAPI for security data aggregation
Automation: Bash scripts for incident response workflows
Databases: Storing and querying security events and IOCs

Skills & Methodologies

Investigation Process

1. Initial Triage → 2. Data Collection → 3. Timeline Analysis
4. Artifact Examination → 5. IOC Extraction → 6. Report Generation

Analysis Capabilities

Windows Event Log Analysis (Security, System, Application, Sysmon)
Network Packet Analysis (PCAP investigation)
Memory Forensics (Process analysis, malware detection)
Web Server Log Analysis (IIS, Apache, Nginx)
Email Forensics and Phishing Investigation

Contact & Profiles

┌──(connect@blueteam)-[~]
└─$ cat contact.txt

[+] "The best defense is a well-prepared blue team."
[+] "Every incident is an opportunity to learn and improve defenses."

_{Last updated: 2025 | Open to blue team collaboration and DFIR discussions}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly