Pinned Repositories
waflyctl
Fastly WAF CLI
ansible-splunk-simple
Simple deployment of Splunk using Ansible, static host lists.
blackcert
Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also checks if any domain changes with that keyword look like a phishing domain.
git-wild-hunt
A tool to hunt for credentials in the GitHub wild, AKA git*hunt
splunk-ansible-advance
Advanced Ansible configuration to deploy Splunk. Implements dynamic inventory under the AWS platform.
Splunk-Mitigation-Framework
Framework that sits on top of Splunk Enterprise Security to do auto-mitigation
zoidbergstrike
A "hooray I am useful" Cobalt Strike Team Server scanner
LOLDrivers
Living Off The Land Drivers
attack_range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
security_content
Splunk Security Content
josehelps's Repositories
josehelps/building-a-windows-dc-terraform
Building a Windows 2016 Domain Controller using Ansible + Terraform on AWS
josehelps/building-a-windows-dc
Automatically build a Windows domain controller using Vagrant and Ansible
josehelps/pnexpose
Nexpose Python client library
josehelps/splunkconf2015-demo
Ansible playbooks to deploy Splunk and track changes with git
josehelps/splunk_cowrie
Example configurations for emulating an Ubuntu 14.04 machine on AWS
josehelps/cs-suite
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
josehelps/SA-faroo
Allows you to Search the web from Splunk using the Faroo API.
josehelps/TA-osquery
A Splunk technology add-on for osquery
josehelps/TA-reikey
Very simplistic Splunk TA that ingests data output from https://objective-see.com/products/reikey.html
josehelps/cowrie
Cowrie SSH/Telnet Honeypot
josehelps/cve-2019-6340-bits
Bits generated while analyzing CVE-2019-6340 Drupal RESTful RCE
josehelps/Daily-dose-of-malware
Script lets you gather malicious software and c&c servers from open source platforms like Malshare, Malcode, Google, Cymon - vxvault, cybercrime tracker and c2 for Pony.
josehelps/docker-cowrie
Cowrie Docker GitHub repository
josehelps/encom-boardroom
📈 Web tribute to the Tron: Legacy Boardroom Scene
josehelps/fastly_tor_block
Blocks TOR exit nodes on Fastly's Service using version-less ACLs
josehelps/G-Scout
Google Cloud Platform Security Tool
josehelps/go-fastly
A golang Fastly API client library.
josehelps/gscripts
A repo full of example gscripts
josehelps/heka
heka log collector tools
josehelps/kubernetes-security-best-practice
Kubernetes Security - Best Practice Guide
josehelps/malleable
josehelps/moloch
Moloch is an open source large scale full PCAP capturing, indexing and database system.
josehelps/OpenCanary
Docker image for the opencanary honeypot project
josehelps/osquery
SQL powered operating system instrumentation, monitoring, and analytics.
josehelps/owasp-modsecurity-crs
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
josehelps/scansio-sonar-splunk
Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and security operations.
josehelps/shellphish
Phishing Tool for 18 social media: Instagram, Facebook, Snapchat, Github, Twitter, Yahoo, Protonmail, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Gitlab, Pinterest
josehelps/sigma
Generic Signature Format for SIEM Systems
josehelps/splunk-connect-for-kubernetes
Helm charts associated with kubernetes plug-ins
josehelps/terraform-provider-fastly
Terraform Fastly provider