Investigating attacks using Splunk Enterprise logs and creating SPL intrusion detection searches based on known attacker TTPs and anomaly behavior derived from statistical baselines
☆29 · Nov 19, 2023 · Updated 2 years ago
Alternatives and similar repositories for splunk-logs-and-investigations
- A Splunk app that transforms various Splunk-generated metrics values into a metrics store (☆11, Apr 10, 2018, updated 7 years ago)
- Bash script to enumerate vulnerabilities for a specific year through the Shodan API (☆46, Dec 5, 2018, updated 7 years ago)
- Run Splunk heavy forwarders in Docker Swarm for high availability, security, and reduced cost! (☆15, Aug 19, 2025, updated 7 months ago)
- Machine Learning with Elastic Stack - Second Edition, published by Packt (☆18, Jun 3, 2021, updated 4 years ago)
- Transform any binary file to a PNG image (☆13, Jul 19, 2019, updated 6 years ago)
- A tool for deriving statistical features from PCAP data (☆13, Nov 21, 2019, updated 6 years ago)
- This repository contains Splunk queries to hunt some anomalies (☆46, Jul 28, 2022, updated 3 years ago)
- Short deep dive into Threat Hunting on AWS (☆18, Oct 15, 2023, updated 2 years ago)
- Intuitionistic Fuzzy Broad Learning System: Enhancing Robustness Against Noise and Outliers (☆11, Oct 26, 2025, updated 4 months ago)
- macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR (☆37, updated this week)
- Professional Phishing Awareness & Cybersecurity Education Platform (☆24, Oct 17, 2025, updated 5 months ago)
- [DAC2024] Explainable Fuzzy Neural Network with Multi-Fidelity Reinforcement Learning for Micro-Architecture Design Space Exploration (☆10, Oct 31, 2024, updated last year)
- Ready-made Ducky scripts to use in the NetHunter Duckhunter HID attack to perform a BadUSB attack right at your fingertips. (☆12, Nov 25, 2025, updated 3 months ago)
- Code for the paper "Fuzzy c-Means Clustering for Persistence Diagrams" (☆14, Oct 14, 2023, updated 2 years ago)
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover (☆86, Oct 20, 2025, updated 5 months ago)
- Script from the paper generating encrypted network. Dataset (☆11, Sep 1, 2021, updated 4 years ago)
- Royal Road RTF Weaponizer object decoder (☆24, Sep 26, 2024, updated last year)
- AirHack Project, a special Wi-Fi penetration tool for Android (☆19, May 8, 2025, updated 10 months ago)
- https://marsvillager.github.io/PaperWorkflowAutomation/summary/visualize.html (Safari, Firefox ✓ Edge, Chrome ✗) Paper crawler + summaries: IEEE Symposium … (☆13, Oct 1, 2025, updated 5 months ago)
- Large-scale Data Classification based on the Integrated Fusion of Fuzzy Learning and Graph Neural Network (☆13, Nov 2, 2023, updated 2 years ago)
- ECG experiment, including Fourier transform, wavelet transform, wavelet decomposition and LSTM feature extraction. Emotion classification… (☆11, Jul 17, 2020, updated 5 years ago)
- A Python implementation of an improved Label Propagation Algorithm. (☆11, May 26, 2021, updated 4 years ago)
- [DEPRECATED] All writeups are moved to my main website (☆14, Mar 15, 2024, updated 2 years ago)
- Assess certain AWS network configurations (☆12, Aug 22, 2018, updated 7 years ago)
- A tool for patching/injecting code into ELF binaries. (☆14, Sep 27, 2012, updated 13 years ago)
- Source code for 'Software Exorcism' by Bill Blunden (☆13, Mar 30, 2017, updated 8 years ago)
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D… (☆762, Aug 28, 2025, updated 6 months ago)
- Scripted inputs designed to address common use-cases in forwarder misconfigurations in a Splunk deployment (☆35, Aug 29, 2024, updated last year)
- Source code of "Fast Continuous Subgraph Matching over Streaming Graphs via Backtracking Reduction", SIGMOD 2023 (☆14, Sep 7, 2023, updated 2 years ago)
- A mitmproxy addon that allows use of the HTTP Toolkit Android app. (☆10, Jun 25, 2023, updated 2 years ago)
- Bulk indicator VirusTotal lookups supporting file hashes, domains and IPs. (☆13, May 28, 2025, updated 9 months ago)
- Privacy & Security Principles, Documents and Testing (☆11, Jul 28, 2020, updated 5 years ago)
- Transform AWS Config snapshots to a more AWS Athena-friendly format. (☆11, Aug 26, 2020, updated 5 years ago)