mdecrevoisier/Splunk-input-windows-baseline external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mdecrevoisier/Splunk-input-windows-baseline

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mdecrevoisier/Splunk-input-windows-baseline)

Close

mdecrevoisier / Splunk-input-windows-baselineView on GitHubMore

• External links
• Readme badge

Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE Att&CK

☆94Jun 28, 2025Updated 8 months ago

Alternatives and similar repositories for Splunk-input-windows-baseline

Users that are interested in Splunk-input-windows-baseline are comparing it to the libraries listed below

• splunk / rba

  View on GitHub
  RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high…
  ☆63Feb 23, 2026Updated last week
• Truvis / SplunkDashboards

  View on GitHub
  Collection of Dashboards for Threat Hunting and more!
  ☆74Oct 17, 2020Updated 5 years ago
• CrossRealms / Splunk-Cyences-App-for-Splunk

  View on GitHub
  Cyences App (Cyber Defense) built by CrossRealms International - https://splunkbase.splunk.com/app/5351/
  ☆11Feb 27, 2026Updated last week
• inodee / threathunting-spl

  View on GitHub
  Splunk code (SPL) for serious threat hunters and detection engineers.
  ☆290Jan 15, 2024Updated 2 years ago
• SecurityJosh / MuteSysmon

  View on GitHub
  A PowerShell script to prevent Sysmon from writing its events
  ☆16Apr 23, 2020Updated 5 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing

  View on GitHub
  DNS Dashboard for hunting and identifying beaconing
  ☆16Jul 29, 2020Updated 5 years ago
• signorrayan / Splunk-Threat-Hunting

  View on GitHub
  This repository contains Splunk queries to hunt some anomalies
  ☆46Jul 28, 2022Updated 3 years ago
• mdecrevoisier / EVTX-to-MITRE-Attack

  View on GitHub
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆612Dec 8, 2025Updated 2 months ago
• mdecrevoisier / Microsoft-eventlog-mindmap

  View on GitHub
  Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
  ☆1,088Nov 8, 2025Updated 3 months ago
• mdecrevoisier / Windows-auditing-baseline

  View on GitHub
  Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
  ☆63Feb 22, 2026Updated last week
• AirbusProtect / AD-Canaries

  View on GitHub
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆258Nov 24, 2023Updated 2 years ago
• MrM8BRH / Splunk

  View on GitHub
  This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics…
  ☆24Feb 16, 2026Updated 2 weeks ago
• runZeroInc / runZeroHound

  View on GitHub
  Bring runZero Exposure Management into BloodHound
  ☆44Nov 19, 2025Updated 3 months ago
• splunk / security_content

  View on GitHub
  Splunk Security Content
  ☆1,576Feb 26, 2026Updated last week
• defensivedepth / osquery-filters

  View on GitHub
  ☆34Aug 8, 2023Updated 2 years ago
• Yamato-Security / EnableWindowsLogSettings

  View on GitHub
  Documentation and scripts to properly enable Windows event logs.
  ☆672Oct 3, 2025Updated 5 months ago
• splunk / attack_range

  View on GitHub
  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…
  ☆2,445Feb 24, 2026Updated last week
• Blumira / Kerberoast-Detection

  View on GitHub
  Kerberoast Detection Script
  ☆30Oct 31, 2024Updated last year
• skandler / simulate-akira

  View on GitHub
  Simulation of Akira Ransomware with Invoke-AtomicTest
  ☆18Jul 10, 2024Updated last year
• elastic / detection-rules-explorer

  View on GitHub
  ☆21Updated this week
• LETHAL-FORENSICS / Microsoft-Analyzer-Suite

  View on GitHub
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆577Dec 6, 2025Updated 3 months ago
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆786Feb 22, 2026Updated last week
• Defenders-Guide / TheDefendersGuide

  View on GitHub
  The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
  ☆159Jun 15, 2023Updated 2 years ago
• ANSSI-FR / ADTimeline

  View on GitHub
  Timeline of Active Directory changes with replication metadata
  ☆520Mar 21, 2025Updated 11 months ago
• mvelazc0 / msInvader

  View on GitHub
  M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…
  ☆323Oct 12, 2025Updated 4 months ago
• EugeneBelford1995 / Mishkys-Range-Expansion-Pack-Version1.1

  View on GitHub
  Mishky's AD Range & The Escalation Path from Hell, Version 1.1
  ☆11May 7, 2025Updated 9 months ago
• t3l3m3try / Threat_Hunting

  View on GitHub
  Some Threat Hunting queries useful for blue teamers
  ☆132May 13, 2022Updated 3 years ago
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,264Jan 21, 2026Updated last month
• cgosec / Blauhaunt

  View on GitHub
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆181May 27, 2025Updated 9 months ago
• west-wind / Threat-Hunting-With-Splunk

  View on GitHub
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆68Apr 29, 2024Updated last year
• splunk / attack_data

  View on GitHub
  A repository of curated datasets from various attacks
  ☆726Feb 26, 2026Updated last week
• blackhillsinfosec / EventLogging

  View on GitHub
  Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
  ☆489Nov 21, 2024Updated last year
• inzlain / sameuser

  View on GitHub
  Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual
  ☆14Jul 13, 2022Updated 3 years ago
• steveandreassend / linux_auditd

  View on GitHub
  Best practice configuration for Linux auditd for CIS and STIG standards, enhanced with LOTL detection rules.
  ☆14Dec 6, 2025Updated 3 months ago
• eduardomcm / VelociraptorCompetition

  View on GitHub
  ☆11Apr 2, 2022Updated 3 years ago
• WithSecureLabs / snake-core

  View on GitHub
  snake-core - the real snake
  ☆15Jul 11, 2023Updated 2 years ago
• ricardojba / Even-More-Awesome-Mainframe-Hacking

  View on GitHub
  ☆15Oct 29, 2024Updated last year
• Kintyre / TA-postfix

  View on GitHub
  Postfix Add-on for Splunk (Compliant with the Mail CIM model)
  ☆11Mar 18, 2021Updated 4 years ago
• 22XploiterCrew-Team / Hash-Cracking

  View on GitHub
  CRACK AND CHECK HASH TYPES IN BULK
  ☆13Jul 28, 2021Updated 4 years ago