stressboi

Pinned Repositories

auth0-tenant-security-hands-on-workshop
This Auth0 reference implementation uses Terraform to configure an Auth0 tenant with a solid base of security features enabled to help protect against common password attacks + an express.js app to test that these protections works.
Language:JavaScript0 0 01
check-log4j
To determine if a host is vulnerable to log4j CVE‐2021‐44228
Language:Shell00
hafnium-exchange-splunk-csvs
IOCs found exploiting CVE-2021-26855 thanks to info from Volexity and MS and Huntresslabs.
6 2 08
Okta-Identity-Cloud-for-Splunk
Public REPO for splunkbase app
Language:Python1 0 01
splunk-spectre-meltdown-uf-script
A script modified from speed47 to provide KV-pair results into a Splunk UF scripted input
Language:Shell5 3 00
TA-Drovorub
Simple Splunk UF detection for Drovorub kernel module
Language:Shell4 1 00
TA-hrs
Language:Batchfile2 1 00
TA-Okta-Identity-Cloud-jb
Language:Python1 1 01
TA-rcanary
Simple ransomware canary for Splunk UF on Windows
Language:Batchfile1 1 01
TA-remote_endpoint_info
A Splunk TA to grab local endpoint metadata using the UF
Language:Python1 2 00

stressboi's Repositories

stressboi/hafnium-exchange-splunk-csvs
IOCs found exploiting CVE-2021-26855 thanks to info from Volexity and MS and Huntresslabs.
6 2 08
stressboi/splunk-spectre-meltdown-uf-script
A script modified from speed47 to provide KV-pair results into a Splunk UF scripted input
Language:Shell5 3 00
stressboi/TA-Drovorub
Simple Splunk UF detection for Drovorub kernel module
Language:Shell4 1 00
stressboi/TA-hrs
Language:Batchfile2 1 00
stressboi/Okta-Identity-Cloud-for-Splunk
Public REPO for splunkbase app
Language:Python1 0 01
stressboi/TA-Okta-Identity-Cloud-jb
Language:Python1 1 01
stressboi/TA-rcanary
Simple ransomware canary for Splunk UF on Windows
Language:Batchfile1 1 01
stressboi/TA-remote_endpoint_info
A Splunk TA to grab local endpoint metadata using the UF
Language:Python1 2 00
stressboi/auth0-tenant-security-hands-on-workshop
This Auth0 reference implementation uses Terraform to configure an Auth0 tenant with a solid base of security features enabled to help protect against common password attacks + an express.js app to test that these protections works.
Language:JavaScript0 0 01
stressboi/check-log4j
To determine if a host is vulnerable to log4j CVE‐2021‐44228
Language:Shell00
stressboi/malwrlookup-master
Language:Python0 1 00
stressboi/okta_quarantine_script
A script using Okta's Python SDK to manipulate application sign-on policy for quarantine group membership
Language:Python1 0
stressboi/SA-ctf_scoreboard
Language:Python
stressboi/security_content
Splunk Security Content
stressboi/sysmon-config
Sysmon configuration file template with default high-quality event tracing
1 01
stressboi/sysmon-modular
A repository of sysmon configuration modules
stressboi/TA-check-logFORj
Simple Splunk TA wrapper for https://github.com/stressboi/check-log4j
Language:Shell1 0
stressboi/TA-forwarderping
UF ping TA
Language:Batchfile
stressboi/TA-microsoft-WLAN-AutoConfig
Splunk Technical Add-On to properly onboard the Microsoft-Windows-WLAN-AutoConfig/Operational log in XML format.
1 0
stressboi/TA-microsoft-wxtcmd
Language:Batchfile
stressboi/TA-pcsverchecker
Simple Splunk UF scripts in shell and powershell to report on Pulse Secure Connect versions encountered.
Language:Shell1 0
stressboi/TA-Samedit
Language:Shell1 2
stressboi/tripwire-enterprise-unofficial-ta
A CIM compliant TA for .CSV DCR files from Tripwire Enterprise