TeflonJuan-tech

Pinned repositories

  1. endpoint-telemetry-pipeline (Public)

    Building a reliable Windows endpoint telemetry pipeline using Sysmon and Splunk before detection engineering.

  2. kali-to-splunk-authentication-detection (Public)

    Simulated RDP brute force from Kali to Windows with Splunk detection, MITRE ATT&CK mapping (T1110), alerting, and defensive hardening.

  3. sysmon-eid1-detection-engineering (Public)

    Detection engineering with Sysmon EID 1 in Splunk, including process baselining, LOLBin detections, and alert tuning.

  4. windows-authentication-abuse-detection (Public)

    Detection engineering lab focused on identifying Windows authentication abuse (brute force, password spray, and account lockouts) using native Security logs ingested into Splunk. Includes validated…

  5. pfsense-to-splunk-rdp-segmentation-detection (Public)

    Phase 2: network segmentation validation and RDP brute force telemetry correlation using pfSense, Windows Security logs (Event ID 4625), and Splunk SIEM.