Splunk app for Threat hunting
☆15Nov 15, 2018Updated 7 years ago
Alternatives and similar repositories for SA-Threat-Hunting
Users that are interested in SA-Threat-Hunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Python script to run battery of Volatility plugins against a forensic memory image☆10Jun 22, 2019Updated 7 years ago
- See more current version at https://github.com/ElectionDataAnalysis/election_data_analysis/☆10Jul 6, 2023Updated 3 years ago
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated last year
- Set Operations App for Splunk☆10Mar 29, 2021Updated 5 years ago
- Basic demo for Hidden Treasure talk.☆49Nov 4, 2017Updated 8 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Splunk Technology Add-On (TA) for collecting ETW events from Windows systems☆16Dec 8, 2022Updated 3 years ago
- carcass is a Python package to generate python package scaffolding based on best practices☆17Jan 10, 2022Updated 4 years ago
- UCC Helper Library used by Splunk Add-ons☆17Jun 26, 2026Updated 2 weeks ago
- SDK for Developing Solutions in Splunk Enterprise with Python☆19May 18, 2026Updated last month
- Sample queries for Advanced hunting in Windows Defender ATP☆11Apr 22, 2020Updated 6 years ago
- An automated firmware analysis tool based on Firmadyne (https://github.com/firmadyne/firmadyne)☆24Jul 8, 2017Updated 9 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Feb 12, 2020Updated 6 years ago
- A website about DC's Advisory Neighborhood Commission system.☆43Apr 3, 2019Updated 7 years ago
- Analytics for Accounting logs from Network devices☆18Mar 27, 2021Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Jan 30, 2018Updated 8 years ago
- Hacking the HooToo HT-TM05☆13Dec 22, 2022Updated 3 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆294Jan 15, 2024Updated 2 years ago
- A central place for me to share interesting PSRemoting configurations☆16Jun 28, 2017Updated 9 years ago
- Sysmon Splunk App☆47Aug 21, 2018Updated 7 years ago
- Set of ultra technical notes about AD☆18Jun 17, 2018Updated 8 years ago
- Dashboards for conducting forensic investigation using windows events in Kibana☆18Apr 6, 2019Updated 7 years ago
- Show AV Processes list☆15Sep 30, 2020Updated 5 years ago
- ☆20May 30, 2025Updated last year
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- This repo exists as a quick and dirty arsenal of methods and scripts to subvert .NET SSL/TLS certificate validation in PowerShell and pre…☆12Jan 28, 2017Updated 9 years ago
- ☆53Mar 4, 2019Updated 7 years ago
- Windows OpenStack Heat templates☆14Apr 15, 2014Updated 12 years ago
- Solana Dex Info for arbitrage bot☆17Sep 6, 2025Updated 10 months ago
- Konrads' Pen-Ultimate (Windows) Log File Parser☆14Dec 27, 2025Updated 6 months ago
- Sysmon configuration☆64Jul 12, 2018Updated 8 years ago
- The Office 365 data Splunk app enables data analysts and IT administrators to import the data they need to get their organization more pr…☆16Jun 14, 2023Updated 3 years ago
- Heos Binding for OpenHab☆13Feb 1, 2019Updated 7 years ago
- Small tools to assist with using Large Language Models☆12Nov 7, 2023Updated 2 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- ☆55Mar 2, 2022Updated 4 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- CB API scripts for IR, administration, etc.☆32Jun 3, 2019Updated 7 years ago
- A simple utility to check the status of and/or disable SMBv1 on Windows system via Cb Response's Live Response functionality.☆15May 28, 2019Updated 7 years ago
- Argument Injection in Dragonfly Ruby Gem☆16May 26, 2021Updated 5 years ago
- ☆15Sep 24, 2024Updated last year
- Create, Delete, List SQL Server Reporting Services Subscriptions using Powershell and SOAP☆10Apr 12, 2018Updated 8 years ago