About
Hi, I’m Fataal Muthoni, a passionate cybersecurity professional with a strong background in network security, incident response, and vulnerability assessments and penetration testing. I’m dedicated to protecting organizations from cyber threats and ensuring robust defenses through proactive monitoring, threat hunting, and detailed technical reporting.
My Journey in Cybersecurity
I hold a degree in Information Technology from Zetech University (2021–2023), where I developed a solid foundation in networking, systems administration, and programming. My passion for cybersecurity grew through hands-on training programs like Cyber Shujaa (Cloud and Network Security) and the BlueTeam Scholarship from Cyber Talents and CTFs, which equipped me with practical skills in threat detection and incident response. I’m also a Certified Junior Penetration Tester (eJPT) and currently pursuing the Certified Red Team Analyst certification to deepen my offensive security expertise.
My professional journey includes roles that have honed my technical and analytical skills:
- Freelancer (Jan 2023 – Present): I conducted penetration testing, identifying critical vulnerabilities and providing actionable recommendations that improved their security postures. I also secured Azure cloud environments and resolved incidents using tools like Wireshark and SIEM platforms.
- VAPT Trainee at CyberSafe Foundation (March – Dec 2024): I performed advanced vulnerability assessments on systems like NeoBank and Metasploitable, reducing exposure to threats through optimized firewalls and patch management. I also conducted forensic investigations using SIEM tools, presenting detailed reports to enhance security policies.
- IT Attachee at Gearbox Academy (Jan – April 2023): I developed secure web applications and configured Azure environments, ensuring compliance with security best practices and improving system reliability.
What I Bring to the Table
I excel at breaking down complex security concepts into clear, actionable insights, whether through technical writing or direct communication. My skills include:
- Technical Expertise:
  - SIEM Tools: Proficient with Velociraptor, Splunk, Wazuh, and ELK for real-time monitoring and log analysis.
  - Endpoint Security: Experienced with IDS/IPS, firewalls, and endpoint protection tools to detect and mitigate threats.
  - Scripting & Programming: Skilled in Bash, PHP, Python, and JavaScript for automation and analysis.
  - Other Tools: Git, Docker, Wireshark, and vulnerability scanning tools for comprehensive security assessments.
- Soft Skills:
  - Strong leadership, mentorship, and conflict resolution, demonstrated through guiding junior trainees and collaborating in CTF teams.
  - Excellent communication, enabling me to present findings to both technical and non-technical audiences, as seen in my detailed Cyber Threat Intelligence report on FIN7 attacks.
- Certifications:
  - Certified Junior Penetration Tester (eJPT)
  - CCNA (Routing & Switching, CyberOps)
  - Certified Red Team Analyst (in progress)
My Motivation
I’m driven by the thrill of outsmarting cyber adversaries and protecting organizations from threats like those posed by known threat actors, as explored in my recent projects. I’m also motivated by the chance to contribute to societal good by combating cybercrime, ensuring data confidentiality, and aligning with frameworks.
Beyond Cybersecurity
When I’m not diving into threat intelligence or analyzing logs, I enjoy participating in Capture The Flag (CTF) challenges on platforms like Hack The Box and CTFtime. I also share articles, walkthroughs of the CTFs I managed to solve, and insights on cybersecurity trends, tools, and best practices. I’m passionate about mentoring aspiring cybersecurity professionals and staying at the forefront of the field through continuous learning.
Let’s Connect
I’m always eager to collaborate, share knowledge, or discuss the latest in cybersecurity. Feel free to connect with me on LinkedIn. Let’s work together to build a safer digital world!