/weaponize_splunk

Weaponizing Splunk Presentation including Splunk Apps for penetration testing.

BSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

Weaponizing Splunk: Using Blue Team Tools for Evil

This is a collection of the developed apps and the presentation slides.

Splunk is a log aggregation and correlation tool that is normally used for defensive analysis and infrastructure management. What if Attackers could use this same tool against the blue team? Companies deploy security products with no real purpose other than checking a box. While these tools can be used for good they can also turn against the organization and become their worst nightmare. During this presentation, I will discuss creative uses of Splunk that penetration testers and red teamers can use to gain more access and move laterally within an organization.

Biography

Ryan Hays
ryan.hays@tbgsecurity.com
Twitter: @mrjester7521
Github: https://github.com/MrJester

Presented At: