Pinned Repositories
auth0-tenant-security-hands-on-workshop
This Auth0 reference implementation uses Terraform to configure an Auth0 tenant with a solid base of security features enabled to help protect against common password attacks, plus an Express.js app to test that these protections work.
check-log4j
To determine if a host is vulnerable to log4j CVE-2021-44228
hafnium-exchange-splunk-csvs
IOCs found exploiting CVE-2021-26855 thanks to info from Volexity and MS and Huntresslabs.
Okta-Identity-Cloud-for-Splunk
Public REPO for splunkbase app
splunk-spectre-meltdown-uf-script
A script modified from speed47 to provide KV-pair results into a Splunk UF scripted input
TA-Drovorub
Simple Splunk UF detection for Drovorub kernel module
TA-hrs
TA-Okta-Identity-Cloud-jb
TA-rcanary
Simple ransomware canary for Splunk UF on Windows
TA-remote_endpoint_info
A Splunk TA to grab local endpoint metadata using the UF
stressboi's Repositories
stressboi/hafnium-exchange-splunk-csvs
IOCs found exploiting CVE-2021-26855 thanks to info from Volexity and MS and Huntresslabs.
stressboi/splunk-spectre-meltdown-uf-script
A script modified from speed47 to provide KV-pair results into a Splunk UF scripted input
stressboi/TA-Drovorub
Simple Splunk UF detection for Drovorub kernel module
stressboi/TA-hrs
stressboi/Okta-Identity-Cloud-for-Splunk
Public REPO for splunkbase app
stressboi/TA-Okta-Identity-Cloud-jb
stressboi/TA-rcanary
Simple ransomware canary for Splunk UF on Windows
stressboi/TA-remote_endpoint_info
A Splunk TA to grab local endpoint metadata using the UF
stressboi/auth0-tenant-security-hands-on-workshop
This Auth0 reference implementation uses Terraform to configure an Auth0 tenant with a solid base of security features enabled to help protect against common password attacks, plus an Express.js app to test that these protections work.
stressboi/check-log4j
To determine if a host is vulnerable to log4j CVE-2021-44228
stressboi/malwrlookup-master
stressboi/okta_quarantine_script
A script using Okta's Python SDK to manipulate application sign-on policy for quarantine group membership
stressboi/SA-ctf_scoreboard
stressboi/security_content
Splunk Security Content
stressboi/sysmon-config
Sysmon configuration file template with default high-quality event tracing
stressboi/sysmon-modular
A repository of sysmon configuration modules
stressboi/TA-check-logFORj
Simple Splunk TA wrapper for https://github.com/stressboi/check-log4j
stressboi/TA-forwarderping
UF ping TA
stressboi/TA-microsoft-WLAN-AutoConfig
Splunk Technical Add-On to properly onboard the Microsoft-Windows-WLAN-AutoConfig/Operational log in XML format.
stressboi/TA-microsoft-wxtcmd
stressboi/TA-pcsverchecker
Simple Splunk UF scripts in shell and PowerShell to report on Pulse Secure Connect versions encountered.
stressboi/TA-Samedit
stressboi/tripwire-enterprise-unofficial-ta
A CIM-compliant TA for .CSV DCR files from Tripwire Enterprise