
Intrusion simulation and forensic log analysis on an isolated cybersecurity lab
This project is part of a personal cybersecurity lab built on VMware Workstation Pro, with an attacker machine (Kali Linux) and a target machine (Debian) isolated on a dedicated virtual network (VMnet2), with no access to production networks or the Internet.
Goal: deploy an SSH/Telnet honeypot (Cowrie) on the target, simulate a realistic brute-force attack from the attacker machine, then thoroughly analyze the traces left behind.
The most instructive part of this project was unplanned: a configuration mistake locked access to the attacker machine, with no usable snapshot to roll back to.
Rather than losing time on an uncertain recovery (failed GRUB single-user attempt), the VM was fully reinstalled from the official Kali image, network configuration and tooling restored, and the planned attack resumed. This incident is documented in detail in the project log, with a full timeline and remediation commands.
