Pinned Repositories
addonfactory-splunk_sa_cim
Splunk_SA_CIM used by add-on test infrastructure
ail-framework
AIL framework - Analysis Information Leak framework
ail-yara-rules
A set of YARA rules for the AIL framework to detect leaks or information disclosure
alert_send_screenshot
App for Splunk with a custom alert action that sends dashboard screenshots by mail as PDF/PNG
atc-mitigation
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
atc-react
A knowledge base of actionable Incident Response techniques
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
atomic-threat-coverage
Actionable analytics designed to combat threats
attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
rkondracki's Repositories
rkondracki/alert_send_screenshot
App for Splunk with a custom alert action that sends dashboard screenshots by mail as PDF/PNG
rkondracki/bonnie
rkondracki/create-msi-installer-from-folder
Creates a deployable MSI from a folder that has an executable in it
rkondracki/IPInfo-App-for-Splunk
rkondracki/mit-deep-learning-book-pdf
MIT Deep Learning Book in PDF format (complete and parts) by Ian Goodfellow, Yoshua Bengio and Aaron Courville
rkondracki/OSINT-Framework
OSINT Framework
rkondracki/Probable-Wordlists
Wordlists sorted by probability originally created for password generation and testing
rkondracki/SA-IdentityAssetExtraction
Allows pulling asset and identity data into the Splunk App for Enterprise Security from LDAP and other sources
rkondracki/SA-syslog_collection
Monitor syslog collection infrastructure & offer syslog configuration templates.
rkondracki/SecurityBridge-App-for-Splunk
rkondracki/setops
Set Operations App for Splunk
rkondracki/Splunk-1
rkondracki/splunk-cluster-training
rkondracki/splunk-elasticsearch
A search command for Splunk that lets you search Elasticsearch and display the results in the Splunk GUI
rkondracki/splunk-lab
Splunk-cluster lab
rkondracki/Splunk_Fundamentals
rkondracki/SplunkForPCAP
The PCAP Analyzer for Splunk includes useful dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The app includes dashboards which show you:
- The top talker IPs, protocols, VLANs, conversations
- Detailed overview of IP conversations, packet loss, TCP errors, round trip time
- Conversation Sankey diagram (by packets, by bytes, by destination port)
- Microburst dashboard (bit timechart)
- DNS / NFS / HTTP / keep-alive communication dashboards
- Hop calculator between two IPs
ROADMAP
- Support for more protocols and more use cases
- Dashboards will change to highlight the most important use cases for troubleshooting.
FAQ: http://devops-online.com/splunk-pcap-analyzer
rkondracki/splunkforwarder-deployment-config
rkondracki/StopGuessing
A system for protecting password-based authentication systems from online-guessing attacks.
rkondracki/sysmon-splunk-app
Sysmon Splunk App
rkondracki/TA-detectiontechniquedeepdive
App for Detection Technique Deep Dive Session at Splunk Conf 2018
rkondracki/TA-macvendor
MAC Address Vendor Scripted Lookup for Splunk
rkondracki/TA-otx
A modular input for getting Open Threat Exchange data into Splunk
rkondracki/TA-pdfinput
Splunk PDF indexing
rkondracki/TA-Sigma-Searches
A Splunk app with saved reports derived from Sigma rules
rkondracki/TA-user-agents
An external lookup for Splunk to make sense of user-agent strings
rkondracki/Tango
Honeypot Intelligence with Splunk
rkondracki/Vagrant_Splunk_Cluster
Stands up an entire Vagrant environment with 1 master node, 3 search heads in a cluster, and 3 indexers in a cluster.
rkondracki/WDATP-Advanced-Hunting
Windows Defender ATP - Advanced Hunting Queries
rkondracki/WindowsDefenderATP_Advanced_Hunting_Samples_Queries
Windows Defender ATP Advanced Hunting Queries