HurricaneLabs / splunksecrets
splunksecrets is a tool for working with Splunk secrets offline
☆70 · Updated 3 weeks ago
Alternatives and similar repositories for splunksecrets
Users that are interested in splunksecrets are comparing it to the libraries listed below
- This repository contains Splunk queries to hunt some anomalies ☆43 · Updated 2 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support. ☆134 · Updated 2 years ago
- Full of public notes and Utilities ☆117 · Updated 4 months ago
- SPL cheatsheet for Splunk. ☆24 · Updated 2 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise ☆64 · Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆67 · Updated last year
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam. ☆38 · Updated last year
- Provides an advanced inputs.conf file for Windows and 3rd party related software with more than 70 different event logs mapped to the MITRE… ☆91 · Updated 2 weeks ago
- Forensic Artifact Collection Tool Matrix ☆85 · Updated 7 months ago
- Attack Range to test detection against natively serverless cloud services and environments ☆35 · Updated 3 years ago
- MISP to Splunk Enterprise Security Threat Intelligence Framework Integration ☆13 · Updated last year
- Scripted inputs designed to address common use-cases in forwarder misconfigurations in a Splunk deployment ☆35 · Updated 9 months ago
- A tool to modify timestamps in a packet capture to a user selected date ☆31 · Updated 3 years ago
- Easily create an index of your SANS books ☆18 · Updated 2 years ago
- Collection of useful Canary tools ☆81 · Updated 3 weeks ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆77 · Updated last year
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. ☆57 · Updated 3 years ago
- Identify Azure blobs using a wordlist of account name and container name strings ☆43 · Updated 3 months ago
- Active Directory Purple Team Playbook ☆108 · Updated 2 years ago
- This repo is where I store my Threat Hunting ideas/content ☆88 · Updated 2 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop ☆68 · Updated last month
- Synthetic Adversarial Log Objects: A Framework for synthetic log generation ☆82 · Updated last year
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam ☆27 · Updated 11 months ago
- Repository for SPEED SIEM Use Case Framework ☆55 · Updated 5 years ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. ☆29 · Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆42 · Updated last month
- Scripts using the Splunk application lookup-editor endpoint. Download, upload and update Splunk lookup content ☆29 · Updated 11 months ago