CRobin0780/README.md

👋 Hi, I'm Chris Robinson

🎯 Military veteran transitioning into IT/Cybersecurity | SysAdmin & SOC Analyst
🛡️ Building a production-grade enterprise SOC homelab: Fort Reign
📍 Colorado Springs, CO | Active Secret Clearance | Open to SysAdmin & Azure Admin roles
💼 Client Support Administrator @ Apex Systems → Amentum IRES (DoD)


🏰 Fort Reign — Enterprise SOC Homelab

Fort Reign is a fully operational enterprise-style infrastructure and security operations environment built on a 3-node Proxmox cluster. It mirrors real-world DoD and enterprise environments with hybrid identity, centralized SIEM, endpoint detection, threat intelligence, and automated infrastructure management.

Infrastructure

| Component | Details |
|---|---|
| Hypervisors | 3-node Proxmox cluster — Dell T7810 (64GB), OptiPlex 7070 (32GB), OptiPlex 3050 (16GB) |
| Network | Ubiquiti ER-X router · Cisco SG300 managed switch · 4-VLAN design (Management, Enterprise, Attack, IoT) |
| Domain | Windows Server 2022 Active Directory · DNS · DHCP · Group Policy |
| Hybrid Identity | Microsoft Entra Connect · Password Hash Sync · MFA · DCSync attack path mapped via BloodHound |
| Automation | Ansible control node managing 6 Linux servers · Self-hosted Gitea version control |

🔐 Security Stack (Phases 1–5)

SIEM & Monitoring

| Tool | Status | Details |
|---|---|---|
| Wazuh | ✅ Live | 3 agents · Sysmon integrated · DC01, FRG-W10-01, FRG-W10-02 |
| Splunk | ✅ Live | Wazuh forwarding pipeline · Detection dashboards in progress |
| Security Onion | ✅ Live | SPAN port monitoring · IDS · PCAP analysis |

SOC Tools

| Tool | Status | Details |
|---|---|---|
| Velociraptor | ✅ Live | Endpoint forensics & live response · 3 agents enrolled · VQL hunts running |
| MISP | ✅ Live | Threat intelligence platform · 5 active feeds (CIRCL, Feodo, URLhaus, MalwareBazaar, Phishtank) |
| BloodHound CE | ✅ Live | AD attack path analysis · DCSync rights mapped · MSOL sync account finding documented |

📁 Repositories

Enterprise infrastructure build — Active Directory, DNS, DHCP, Group Policy, VLAN segmentation, Proxmox cluster, Ansible automation, static IP management.

Key skills demonstrated:

  • Windows Server 2022 AD deployment and hardening
  • 4-VLAN network architecture with inter-VLAN routing
  • Ansible playbooks for patch management and configuration
  • Entra Connect hybrid identity with Password Hash Sync
  • Self-hosted Git (Gitea) for infrastructure version control

Full SOC stack deployment — SIEM pipeline, endpoint detection, threat intelligence, and incident response.

Key skills demonstrated:

  • Wazuh SIEM with Sysmon telemetry and Windows audit policies
  • Splunk log aggregation with Wazuh Universal Forwarder
  • Security Onion network security monitoring with SPAN port
  • Velociraptor endpoint forensics — VQL hunts across all endpoints
  • MISP threat intelligence with automated IOC feed ingestion
  • BloodHound AD attack path analysis — DCSync exposure documented
  • IR report writing (IR-2026-001: DCSync rights via Entra Connect)

☁️ fortreign-az104-lab

Azure hybrid identity and cloud administration lab — extends on-prem Fort Reign into Azure.

Key skills demonstrated:

  • Microsoft Entra ID tenant configuration
  • Entra Connect hybrid identity synchronization
  • MFA deployment and Conditional Access policy design
  • RBAC and Azure resource management

🛠️ Technical Skills

Infrastructure & Systems: Proxmox · Windows Server 2022 · Active Directory · DNS · DHCP · Group Policy · Linux (Ubuntu 24.04) · Rocky Linux

Security Operations: Wazuh · Splunk · Security Onion · Velociraptor · MISP · BloodHound · Sysmon · IDS/IPS · PCAP Analysis · Threat Hunting · Incident Response

Identity & Cloud: Microsoft Entra ID · Entra Connect · Hybrid Identity · MFA · Azure RBAC · Conditional Access

Networking: VLANs · Inter-VLAN routing · Ubiquiti EdgeOS · Cisco SG300 · pfSense · Wireshark · nmap

Automation & DevOps: Ansible · Bash · PowerShell · Python · Gitea · Git · systemd · Netplan

Frameworks & Compliance: NIST RMF · MITRE ATT&CK · NIST 800-53 · DoD 8570 · ITIL v4


📜 Certifications

| Certification | Status |
|---|---|
| CompTIA A+ | ✅ Earned |
| CompTIA Network+ | ✅ Earned |
| CompTIA Security+ CE | ✅ Earned |
| AZ-900 Azure Fundamentals | ✅ Earned |
| ITIL v4 Foundation | ✅ Earned |
| AZ-104 Azure Administrator | 🔄 In Progress |
| CompTIA Linux+ | 📅 Planned |
| RHCSA | 📅 Planned |
| CCNA | 📅 Planned |

🎖️ Military Background

4 years U.S. Military service as a Logistics Officer — supply chain management, resource allocation, mission planning, and leading teams under operational conditions. The same discipline applied to building Fort Reign: structured phases, documented SOPs, version-controlled configs, and operational logging.

Active Secret clearance.


📫 Connect

LinkedIn GitHub


Fort Reign is an ongoing build. New tools, attack simulations, and documentation added regularly.

Pinned

  1. fortreign-sysadmin-lab (Public)

    Enterprise homelab infrastructure — Active Directory, Proxmox cluster, VLAN segmentation, Ansible automation, hybrid identity with Entra Connect.

    PowerShell

  2. fortreign-soc-lab (Public)

    Production-grade SOC homelab — Wazuh, Splunk, Velociraptor, MISP, BloodHound, Entra Connect hybrid identity. 6-phase build with IR reports and Ansible automation.

  3. CRobin0780 (Public)