Pinned Repositories
AaronLocker
Robust and practical application whitelisting for Windows
adb
Adaptive Document Builder
ansible-splunk-playbook
Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook
ARTHIR
ATT&CK Remote Threat Hunting Incident Response
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-threat-detection
A curated list of awesome threat detection and hunting resources
awesome-windows-domain-hardening
A curated list of awesome Security Hardening techniques for Windows.
guacamole-docker-compose
Guacamole with docker-compose using PostgreSQL, nginx with SSL (self-signed)
threathunting-spl
Splunk code (SPL) for serious threat hunters and detection engineers.
medtemo's Repositories
medtemo/ARTHIR
ATT&CK Remote Threat Hunting Incident Response
medtemo/awesome-windows-domain-hardening
A curated list of awesome Security Hardening techniques for Windows.
medtemo/Free-Incident-Response-Management-and-Documentation-Workbook
A free incident response management and documentation workbook
medtemo/Get-Baseline
PowerShell Script for Agentless Incident Response
medtemo/hunt-detect-prevent
Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
medtemo/osquery-configuration
A repository for using osquery for incident detection and response
medtemo/osquery-scripts
Configuration and parsing of osquery related data
medtemo/pafishmacro
Pafish Macro is a macro-enabled Office document to detect malware analysis systems and sandboxes. It uses evasion & detection techniques implemented by malicious documents.
medtemo/pwnwiki.github.io
PwnWiki - The notes section of the pentester's mind.
medtemo/sysmon-config
Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
medtemo/SysmonResources
Consolidation of various resources related to Microsoft Sysmon & sample data/log
medtemo/ThreatWaffle
Threat hunting repo for my independent study on threat hunting with OSQuery
medtemo/windows-event-forwarding
A repository for using windows event forwarding for incident detection and response
medtemo/Windows-Hunting
medtemo/Windows-Secure-Host-Baseline
Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber