Pinned Repositories
addonfactory-splunk_sa_cim
Splunk_SA_CIM used by add-on test infrastructure
ail-framework
AIL framework - Analysis Information Leak framework
ail-yara-rules
A set of YARA rules for the AIL framework to detect leaks or information disclosure
alert_send_screenshot
App for Splunk with custom alert to send Screenshots of dashboard via Mail as pdf/png
atc-mitigation
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
atc-react
A knowledge base of actionable Incident Response techniques
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
atomic-threat-coverage
Actionable analytics designed to combat threats
attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
rkondracki's Repositories
rkondracki/ail-yara-rules
A set of YARA rules for the AIL framework to detect leaks or information disclosure
rkondracki/attack_range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
rkondracki/ATTACKdatamap
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
rkondracki/AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
rkondracki/Awesome-SOAR
A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.
rkondracki/AZ500-AzureSecurityTechnologies
Microsoft Azure Security Technologies
rkondracki/Azure-AZ-500-Study-Guide
Study Guide for the Microsoft Azure Security Technologies Exam
rkondracki/Azure-AZ-900-Study-Guide
Study Guide for the Microsoft Azure Fundamentals Exam
rkondracki/caldera
Automated Adversary Emulation
rkondracki/cribl-training
Cribl Environment for learning LogStream
rkondracki/first-order-model
This repository contains the source code for the paper First Order Motion Model for Image Animation
rkondracki/h4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
rkondracki/Licensing
Microsoft 365 licensing diagrams
rkondracki/markdown
rkondracki/pytest-splunk-addon
A Dynamic test tool for Splunk Technology Add-ons
rkondracki/Ransomware-Reports
This repo is a collection of Ransomware reports from vendors, researchers, etc.
rkondracki/S3Insights
S3Insights is a platform for efficiently deriving security insights about S3 data through metadata analysis
rkondracki/security-bucket-brigade
rkondracki/security-content
Splunk Security Content
rkondracki/sigma
Generic Signature Format for SIEM Systems
rkondracki/smogcloud
Find cloud assets that no one wants exposed 🔎 ☁️
rkondracki/spl-to-kql
The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially given projects requiring both technologies (Splunk and Azure/Sentinel) or any other hybrid environments. Feel free to add/suggest entries.
rkondracki/splunk-ansible
Ansible playbooks for configuring and managing Splunk Enterprise and Universal Forwarder deployments
rkondracki/splunk-connect-for-syslog
Splunk Connect for Syslog
rkondracki/splunk-lab-1
Create a lab instance of Splunk for ad hoc data analytics. Includes Splunk's Machine Learning app!
rkondracki/splunk_app
rkondracki/splunk_wineventcode_secanalysis
Beta 1.2 of Windows Event Code Security Analysis app for Splunk.
rkondracki/Stanford_Machine_Learning
Andrew Ng's famous coursera/stanford machine learning course
rkondracki/TA-Sysmon-deploy
Deploy and maintain Sysmon through the Splunk Deployment Server
rkondracki/ThreatHunter-Playbook
A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.