Tomiwa's Portfolio

A portfolio showcasing projects

View project on GitHub

Introduction

Name
Tomiwa Oladejo
Qualifications
University of Surrey | MSc Cyber Security – In Progress
Nottingham Trent University | BSc (Hons) Computer Systems (Cyber Security) – 2:1

On thiss website is showcase a collection of projects I have completed. These hands-on experiences span various areas of this dynamic and ever-evolving field, including threat detection, vulnerability assessment, and SIEM operations. Each project has not only strengthened my technical skills but also deepened my understanding of various principles (Networking, Systems, Cyber Security etc.) in real-world contexts. Through these explorations, I have significantly expanded my knowledge base and embraced a mindset of continuous learning and improvement.

Projects

Below you can find an assortment of different projects:

Microsoft Azure & Sentinel SIEM Lab

  • Deployed a honeypot Windows VM in Azure and configured log ingestion using Microsoft Sentinel via Log Analytics Workspace and Azure Monitor Agent (AMA).
  • Simulated a brute-force attack, generating over 24,000 failed login attempts to analyse alert behaviour.
  • Created custom KQL queries to identify and filter failed login events (EventID 4625) by IP, account, and timestamp.
  • Uploaded a geolocation watchlist and built a threat map in Sentinel Workbooks to visualise attack origin (Netherlands).
  • Demonstrated key SOC workflows including detection logic, data enrichment, and visual reporting.

Email Spam Filter

  • Built a spam classifier using TensorFlow/Keras, achieving 92% accuracy on real-world email datasets.
  • Applied NLP techniques for text cleaning, tokenization, and classification.
  • Evaluated model performance using AUC and confusion matrix metrics.
  • Gained experience in machine learning pipelines and email threat detection.

Vulnerability Assessment and Penetration Testing

  • Conducted vulnerability scans using OpenVAS and Nmap across a simulated enterprise network.
  • Identified and validated 29 vulnerabilities, including weak configurations and outdated services.
  • Used Metasploit for manual exploitation of critical findings and documented structured remediation plans.
  • Developed skills in vulnerability analysis, prioritization, and technical report writing.

Information Security Management Portfolio

  • Designed an ISMS framework in response to a real-world data breach scenario (Alibaba case study).
  • Created risk registers, mapped controls to ISO 27001 standards, and addressed GDPR compliance concerns.
  • Produced detailed policy documentation covering risk management, incident response, and asset protection.
  • Strengthened skills in security governance, risk assessment, and policy development.

Computer Forensics and Investigation

  • Used Cellebrite Physical Analyzer to extract logical and physical data from mobile devices.
  • Reconstructed digital timelines and correlated artifacts like SMS, app data, and geolocation records.
  • Compiled a court-admissible forensic report, maintaining chain-of-custody and evidential integrity.
  • Developed skills in forensic analysis, report writing, and evidence handling.

Denial of Service Attacks with Mitigations

  • Analysed common transport and application-layer DoS attacks (e.g., SYN flood, HTTP flood, Slowloris).
  • Evaluated system impacts and proposed layered mitigations such as WAFs, SYN cookies, and rate limiting.
  • Linked research findings to broader business continuity and resilience planning strategies.
  • Built knowledge in threat modeling and defensive security design.