Weaponizing Splunk Presentation including Splunk Apps for penetration testing.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
images
splunk_shells @ 4b1e672
weaponize_splunk_app @ ddf3817
.gitattributes
.gitignore
.gitmodules
LICENSE
README.md
splunk_one_liners.txt

README.md

Weaponizing Splunk: Using Blue Team Tools for Evil

This is a collection of the developed apps and the presentation slides.

Splunk is a log aggregation and correlation tool that is normally used for defensive analysis and infrastructure management. What if Attackers could use this same tool against the blue team? Companies deploy security products with no real purpose other than checking a box. While these tools can be used for good they can also turn against the organization and become their worst nightmare. During this presentation, I will discuss creative uses of Splunk that penetration testers and red teamers can use to gain more access and move laterally within an organization.

Biography

Ryan Hays
ryan.hays@tbgsecurity.com
hays.ryan@gmail.com
Twitter: @_ryanhays
Github: https://github.com/MrJester

Presented At: