HurricaneLabs / splunksecrets
splunksecrets is a tool for working with Splunk secrets offline
☆70 · Updated 3 weeks ago
Alternatives and similar repositories for splunksecrets
Users that are interested in splunksecrets are comparing it to the libraries listed below
- This repository contains Splunk queries to hunt some anomalies ☆43 · Updated 2 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise ☆64 · Updated last year
- SPL cheatsheet for Splunk. ☆24 · Updated 2 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE… ☆91 · Updated 2 weeks ago
- Scripted inputs designed to address common use-cases in forwarder misconfigurations in a Splunk deployment ☆35 · Updated 9 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆77 · Updated last year
- pySigma Splunk backend ☆39 · Updated last month
- A repository for generalized splunk code, dashboards, resources and suggestions/recommendations. ☆32 · Updated 2 years ago
- Collection of useful Canary tools ☆81 · Updated 3 weeks ago
- A tool to modify timestamps in a packet capture to a user selected date ☆31 · Updated 3 years ago
- Collection of useful python scripts to interact with Splunk's API. ☆15 · Updated 3 years ago
- Attack Range to test detection against native serverless cloud services and environments ☆35 · Updated 3 years ago
- Active Directory Purple Team Playbook ☆108 · Updated 2 years ago
- Identify Azure blobs using a wordlist of account name and container name strings ☆43 · Updated 3 months ago
- Files and Folders for BSides Splunk 2021 ☆22 · Updated 4 years ago
- Anvilogic Forge ☆104 · Updated 3 weeks ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam. ☆38 · Updated last year
- DNS Dashboard for hunting and identifying beaconing ☆16 · Updated 4 years ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… ☆88 · Updated last year
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. ☆29 · Updated last year
- (no description) ☆32 · Updated 7 years ago
- Corelight@Home script ☆42 · Updated last year
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid… ☆37 · Updated 3 years ago
- Elastic version of SOC prime watcher rules ☆29 · Updated 8 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. ☆57 · Updated 3 years ago
- (no description) ☆18 · Updated 6 months ago
- Shell script to download apps from Splunkbase ☆23 · Updated 5 years ago
- Ansible playbooks for configuring and managing Splunk Cloud deployments with the Admin Config Service (ACS) API ☆26 · Updated last month
- Active C&C Detector ☆154 · Updated last year
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam ☆27 · Updated 11 months ago