This repository contains Splunk queries to hunt some anomalies
☆46Jul 28, 2022Updated 3 years ago
Alternatives and similar repositories for Splunk-Threat-Hunting
Users that are interested in Splunk-Threat-Hunting are comparing it to the libraries listed below
Sorting:
- A list of Splunk queries that I've collected and used over time.☆91Nov 3, 2020Updated 5 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆68Apr 29, 2024Updated last year
- Collection of Dashboards for Threat Hunting and more!☆74Oct 17, 2020Updated 5 years ago
- ☆14Jan 2, 2025Updated last year
- Collection of Splunking Tools, SPL Code and Resources☆15Jan 30, 2025Updated last year
- Queries, Dashboards, and Splunk Knowledge Objects to Monitor Oracle Database Metrics☆14Mar 11, 2021Updated 4 years ago
- A repository for generalized splunk code, dashboards, resources and suggestions/recommendations.☆31Dec 13, 2022Updated 3 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Jan 8, 2024Updated 2 years ago
- Function ID for Malware Analysis☆13Jul 6, 2020Updated 5 years ago
- Splunk Remote Work Insights - Executive Dashboard☆43Aug 20, 2020Updated 5 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆98Oct 4, 2022Updated 3 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆94Jun 28, 2025Updated 8 months ago
- Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.☆16May 21, 2021Updated 4 years ago
- Crowdstrike response script containing various functions for IR/triage☆12Dec 7, 2020Updated 5 years ago
- Modular command-line threat hunting tool & framework.☆17Jul 20, 2020Updated 5 years ago
- for Windows Malware Analysis☆16May 14, 2020Updated 5 years ago
- A CLI tool for managing Chronicle user workflows☆18Sep 24, 2025Updated 5 months ago
- ☆19Dec 9, 2024Updated last year
- A collection of awesome resources for Splunk☆155Sep 11, 2020Updated 5 years ago
- Splunk Observability Cloud docs☆25Aug 4, 2025Updated 7 months ago
- some scripts for splunk☆53Jan 2, 2020Updated 6 years ago
- Uses Shodan API to pull down C2 servers to run known exploits on them.☆18Dec 9, 2017Updated 8 years ago
- bash scripting cheatsheet.☆21Oct 13, 2021Updated 4 years ago
- Collection of scripts used to analyse malware or emails☆20Oct 6, 2020Updated 5 years ago
- Home for Splunk security datasets.☆129Mar 18, 2020Updated 5 years ago
- An example of the use of tabs on a Splunk dashboard. #splunk☆22Aug 26, 2023Updated 2 years ago
- A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources abou…☆62Jan 6, 2023Updated 3 years ago
- Docker build for autopsy☆22Apr 13, 2021Updated 4 years ago
- Collaborative, web-based case management for incident response☆24Jan 23, 2024Updated 2 years ago
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Dec 8, 2024Updated last year
- ☆58Mar 4, 2022Updated 4 years ago
- Malice Yara Plugin☆30Sep 8, 2019Updated 6 years ago
- SPL cheatsheet for Splunk.☆26Dec 2, 2022Updated 3 years ago
- An open source project aimed to replicate the Windows SIFT Machine and tools used during SANS Courses minus any payware software.☆25Oct 18, 2023Updated 2 years ago
- Windows anti-forensics USB monitoring tool.☆69Feb 17, 2023Updated 3 years ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆60Mar 12, 2022Updated 3 years ago
- Browser Reviewer is a portable forensic tool for analyzing user activity in Firefox and Chrome-based browsers. It extracts and displays b…☆55Oct 10, 2025Updated 4 months ago