print("Kia ora koutou!")
Introduction
My name is Emilio Mardones, and I am based in Aotearoa, New Zealand. I recently completed a Level 7 Diploma in Network Engineering & Cloud Computing and am building my career at the intersection of cloud infrastructure, networking, and cybersecurity.
This portfolio is an index of the hands-on projects, labs, and research I have published so far. My work spans:
- Cloud infrastructure labs in Azure, with a growing focus on OpenStack and Kubernetes
- Network design, segmentation, and security hardening
- Malware analysis and sandbox research
- Python automation and IoT integrations
- Packet capture and protocol analysis with Wireshark and tcpdump
- Security reporting aligned with NIST and MITRE ATT&CK
- Continuous learning through TryHackMe and Hack The Box
This page will continue to evolve as I publish new labs, projects, and research.
Skills & Tooling
- Networking: segmentation, hardening, DNS / ICMP / TCP analysis, tcpdump, Wireshark
- Cloud & Infrastructure: Azure, OpenStack, Kubernetes, Docker / Docker Compose
- Security: malware analysis, SIEM (Wazuh), threat intelligence, NIST, MITRE ATT&CK
- Scripting: Python, PowerShell, Bash
Projects
Infrastructure, Cloud & DevOps
| Project | Description | Stack | Status |
|---|---|---|---|
| DevOps Portfolio Lab | Six-phase DevOps build on a single Ubuntu 24.04 VM: Linux fundamentals, Docker with Prometheus/Grafana observability, Kubernetes (K3s) and cluster security, Ansible and GitLab CI/CD, and an integrated multi-service app (Flask/MySQL/Redis) behind an Nginx reverse proxy. Emphasis on infrastructure-as-code, container image scanning, and OpenStack / data-sovereignty concepts. | Ubuntu, Docker, Kubernetes (K3s), Ansible, Prometheus, Grafana, Nginx, Flask, MySQL, Redis, Trivy, Grype, GitLab CI | ✅ Completed |
| SCADA IoT Lab — ICS Environment | Simulated ICS/SCADA environment modelling a fictional Auckland water treatment facility (AquaNet NZ, Avondale catchment). Streams six live sensor values — turbidity, E. coli, pH and nitrate from real LAWA 2004–2024 data, plus pipe pressure and flow from an EPANET hydraulic model — over MQTT into a Scada-LTS HMI dashboard, with a Python monitor logging readings and raising NPS-FM 2020 threshold alerts. Includes a security write-up on unencrypted MQTT/Modbus weaknesses, hardening steps, and real-world ICS incidents. | Python, paho-mqtt, Eclipse Mosquitto, Scada-LTS, ScadaBR, Docker Compose, MySQL, EPANET/EPyT, Ubuntu | ✅ Completed |
Systems Administration & Service Desk
| Project | Description | Stack | Status |
|---|---|---|---|
| Service Desk Support Lab | Windows Server 2022 domain (AD DS, DNS, DHCP) with a domain-joined Windows 11 client and a Debian/Docker osTicket ticketing system. Around two dozen PowerShell/Bash automation scripts, Group Policy work (password, lockout, logon-hours, drive mapping), WSUS patch management, Intune device enrolment, and realistic help-desk ticket simulations — onboarding, resets, account unlocks, NTFS/share permissions. | Windows Server 2022, Active Directory, DNS, DHCP, Group Policy, WSUS, Intune, PowerShell, osTicket, Docker, MariaDB, Nginx, Debian | 🔄 In Progress |
Network & Traffic Analysis
| Project | Report | Status |
|---|---|---|
| DNS & ICMP Traffic Analysis with tcpdump | Network traffic activity report | ✅ |
| TCP Protocol & SYN Handshake Log Analysis with Wireshark | Network attack report | ✅ |
Malware Analysis
A self-directed malware analysis study conducted in an isolated VirtualBox environment, based on Practical Malware Analysis (Sikorski & Honig) and Evasive Malware (Cucci, 2024), following safe handling practices.
Repository → malware-analysis-lab
Documented inside the repository so far (open the repository above to read each entry):
| # | Lab | Category | Tools | Status |
|---|---|---|---|---|
| 01a | Lab Setup & Safe Analysis Environment | Setup | VirtualBox, Windows LTSC, REMnux | ✅ |
| 01b | FLARE-VM Troubleshooting Log | Troubleshooting | Chocolatey, Python, DISM | ✅ |
| 02a | Sample Acquisition | Acquisition | 7-Zip, unrar, Linux | ✅ |
| 02b | Hash Verification & Threat Intelligence | Static | PEview, strings, VirusTotal | ✅ |
| 02c | SIEM Integration & NAT Simulation | Infrastructure | Wazuh, INetSim, DNSChef | ✅ |
| 03 | Static Analysis — String Extraction | Static | strings, FLOSS | 🔄 |
| 04 | Behaviour Analysis | Dynamic | Process Monitor, Wireshark, x64dbg | 🔄 |
Certifications
2024 — Google Cybersecurity Professional Certificate (Coursera) Main certificate · Credly profile
- Foundations of Cybersecurity
- Managing Security Risks
- Network Security
- Linux and SQL
- Assets, Threats, and Vulnerabilities
- Detection and Response
- Automating Security Tasks with Python
- Communicating with Stakeholders and Escalating Incidents
2024 — EC-Council
- SQL Injection Attacks
- [Current] Network Defense Fundamentals Career Path
2024–2025 — Cisco Networking Academy
- Introduction to Cybersecurity
- Network Technician: Network Basics
- [Current] Networking Devices and Initial Configuration
- [Current] Python 1 for Networking
2024 — Cybrary
2024–2025 — TryHackMe
- Cybersecurity and Network Security
- [Current] SOC Level 1 Career Path