Investigating attacks using Splunk Enterprise logs and creating SPL intrusion detection searches based on known attacker TTPs and anomaly behavior derived from statistical baselines
☆29 · Nov 19, 2023 · Updated 2 years ago
Alternatives and similar repositories for splunk-logs-and-investigations
Users that are interested in splunk-logs-and-investigations are comparing it to the repositories listed below.
- This repository is dedicated to hosting personal comprehensive walkthrough solutions for Splunk's Boss of the SOC (BOTS) CTF-style labs. … ☆16 · Dec 30, 2023 · Updated 2 years ago
- A Splunk app that transforms various Splunk-generated metrics values into a metrics store ☆11 · Apr 10, 2018 · Updated 8 years ago
- (no description) ☆18 · Jul 3, 2018 · Updated 7 years ago
- Links to VeteranSec Resources ☆12 · May 18, 2020 · Updated 6 years ago
- Transform any binary file to a PNG image ☆13 · Jul 19, 2019 · Updated 6 years ago
- A proof-of-concept to demonstrate randomized execution paths and their impact on call stack signatures — ideal for EDR testing, behavior-… ☆24 · Jan 17, 2026 · Updated 4 months ago
- A lightweight Python tool to analyze PCAP files and generate network traffic reports. It detects traffic patterns, security concerns, and… ☆18 · Sep 25, 2024 · Updated last year
- This repository contains Splunk queries to hunt some anomalies ☆47 · Jul 28, 2022 · Updated 3 years ago
- RGCN model for real-time fraud detection ☆11 · Jan 27, 2023 · Updated 3 years ago
- A tool for deriving statistical features from PCAP data ☆13 · Nov 21, 2019 · Updated 6 years ago
- Short deep dive into Threat Hunting on AWS ☆19 · Oct 15, 2023 · Updated 2 years ago
- Intuitionistic Fuzzy Broad Learning System: Enhancing Robustness Against Noise and Outliers ☆11 · Oct 26, 2025 · Updated 6 months ago
- macos-collector - Automated Collection of macOS Forensic Artifacts for DFIR ☆43 · Apr 13, 2026 · Updated last month
- Professional Phishing Awareness & Cybersecurity Education Platform ☆24 · Oct 17, 2025 · Updated 7 months ago
- This is a PoC for CVE-2022-46169 (authentication bypass and remote code execution) ☆15 · May 18, 2023 · Updated 3 years ago
- Capture the Flag write-ups for challenges completed by myself. ☆13 · Dec 7, 2020 · Updated 5 years ago
- SANS #CTI Summit 2025 ☆13 · Jan 28, 2025 · Updated last year
- Ultimate Cybersecurity Roadmap (2025 Edition) | Beginner to Advanced Guide | Learn Ethical Hacking, SOC Analysis, Threat Hunting, Inciden… ☆70 · Jul 7, 2025 · Updated 10 months ago
- SPL cheatsheet for Splunk. ☆26 · Dec 2, 2022 · Updated 3 years ago
- Ready-made Ducky scripts for the NetHunter DuckHunter HID attack, to perform BadUSB attacks right at your fingertips. ☆13 · Mar 24, 2026 · Updated last month
- Bulk modify Splunk Knowledge Objects' owners, permissions, apps and sharing, and move them to another app ☆27 · Aug 27, 2022 · Updated 3 years ago
- (no description) ☆27 · Jan 19, 2021 · Updated 5 years ago
- Code for the paper "Fuzzy c-Means Clustering for Persistence Diagrams" ☆14 · Oct 14, 2023 · Updated 2 years ago
- Script from the paper for generating the encrypted-network dataset ☆11 · Sep 1, 2021 · Updated 4 years ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover ☆86 · Oct 20, 2025 · Updated 7 months ago
- Royal Road RTF Weaponizer object decoder ☆24 · Sep 26, 2024 · Updated last year
- A curated collection of amazing software, libraries, documents, books, resources, and other cool security-related content. ☆14 · Nov 13, 2024 · Updated last year
- AirHack Project, a Wi-Fi penetration-testing tool for Android ☆18 · May 8, 2025 · Updated last year
- https://marsvillager.github.io/PaperWorkflowAutomation/summary/visualize.html (works in Safari and Firefox ✓; not in Edge or Chrome ✗) Paper crawler + summaries: IEEE Symposium … ☆13 · Oct 1, 2025 · Updated 7 months ago
- Large-scale Data Classification based on the Integrated Fusion of Fuzzy Learning and Graph Neural Network ☆13 · Nov 2, 2023 · Updated 2 years ago
- (no description) ☆12 · Jun 11, 2021 · Updated 4 years ago
- Legacy Sigma Tools (sigmac etc.) ☆16 · May 7, 2023 · Updated 3 years ago
- ECG experiment, including Fourier transform, wavelet transform, wavelet decomposition and LSTM feature extraction. Emotion classification… ☆11 · Jul 17, 2020 · Updated 5 years ago
- ExchangeHound is a defensive BloodHound OpenGraph collector for on-prem Microsoft Exchange that maps mailbox delegation and Exchange priv… ☆72 · Apr 17, 2026 · Updated last month
- A Python implementation of an improved Label Propagation Algorithm. ☆11 · May 26, 2021 · Updated 4 years ago
- [DEPRECATED] All writeups are moved to my main website ☆14 · Mar 15, 2024 · Updated 2 years ago
- (no description) ☆12 · Apr 7, 2026 · Updated last month
- NetHawk is a network security analysis tool that sends alerts via Discord when network attacks occur, with score report… ☆18 · Updated this week
- (no description) ☆33 · Apr 21, 2026 · Updated 3 weeks ago