    Repositories list

    • Splunk OpenTelemetry Collector for Kubernetes
      Smarty
      Apache License 2.0
      152006 Updated Jan 13, 2025
    • Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
      GNU General Public License v3.0
      184002 Updated Aug 22, 2024
    • Splunk Connect for Syslog
      Python
      Apache License 2.0
      110007 Updated Jul 15, 2024
    • Tango
      Honeypot Intelligence with Splunk
      Shell
      GNU General Public License v2.0
      43000 Updated Jun 4, 2024
    • IP Format Conversion Scripted Lookup for Splunk
      Python
      MIT License
      2000 Updated Jun 4, 2024
    • CentralOps Technology Add-On for Splunk
      Python
      MIT License
      2100 Updated Jun 4, 2024
    • Endpoint monitoring stack.
      C
      Apache License 2.0
      59000 Updated Jun 4, 2024
    • This is a Splunk application which adds 3 modular inputs for testing the availability of servers, web applications or other applications.
      Python
      Other
      4100 Updated Jun 4, 2024
    • TA-pyLDAP
      Python LDAP Technology Add-On for Splunk
      Python
      Other
      1000 Updated Jun 4, 2024
    • MAC Address Vendor Scripted Lookup for Splunk
      Python
      MIT License
      3000 Updated Jun 4, 2024
    • The PCAP Analyzer for Splunk includes useful Dashboards to analyze network packet capture files from Wireshark or Network Monitor (.pcap) and network streaming data (Splunk App for Stream). The App includes Dashboards which will show you: - The Top Talker IP's, Protocols, VLANs, Conversations - Detailed overview about IP Conversations, Packet Lo…
      Python
      MIT License
      8000 Updated Jun 4, 2024
    • TA-otx
      A modular input for getting Open Threat Exchange data into Splunk
      Python
      3000 Updated Jun 4, 2024
    • Data validator against Splunk Common Information Model (CIM)
      Python
      Apache License 2.0
      35100 Updated Jun 4, 2024
    • The goal of this repository is to document the most common techniques to bypass AppLocker.
      PowerShell
      352000 Updated Jun 4, 2024
    • This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
      PowerShell
      MIT License
      12000 Updated Jun 4, 2024
    • Config viewer and file editor for Splunk. Based on VSCode.
      JavaScript
      GNU Affero General Public License v3.0
      8100 Updated Jun 4, 2024
    • Linux Secure Technology Add-On for Splunk
      MIT License
      2000 Updated Jun 4, 2024
    • vti-dorks
      Awesome VirusTotal Intelligence Search Queries
      The Unlicense
      49100 Updated Jun 4, 2024
    • User Watchlist App for Splunk
      MIT License
      5100 Updated Jun 4, 2024
    • Sysmon configuration file template with default high-quality event tracing
      1.7k000 Updated Jun 4, 2024
    • SA-otx
      A Supporting Add-on to allow use of Open Threat Exchange data in Splunk Enterprise Security
      1000 Updated Jun 4, 2024
    • Collection of IOCs related to targeting of civil society
      Python
      17100 Updated Jun 4, 2024
    • Splunk add-on providing a custom search command to query Troy Hunt's haveibeenpwned API (https://haveibeenpwned.com/api/v3/) for known breaches of your domains or mail addresses.
      Python
      Apache License 2.0
      4100 Updated Jun 4, 2024
    • TrustedSec Sysinternals Sysmon Community Guide
      CSS
      167000 Updated Jun 4, 2024
    • cisco_ios
      Cisco Networks
      Other
      4000 Updated Jun 4, 2024
    • Cisco Networks Add-on
      Other
      9000 Updated Jun 4, 2024
    • This app provides knowledge objects for working with Windows PowerShell transcript logs. In addition to field extractions, a number of event types are included to support threat hunting use cases. Additional information on the configuration of this app is available here: www.hurricanelabs.com/splunk-tutorials/splunk-tutorial-powershell-transcrip…
      3000 Updated Jun 4, 2024
    • Explore windows event log providers and export selected event ids to CSV, Splunk inputs, or Splunk SPL
      PowerShell
      2000 Updated Jun 4, 2024
    • Splunk TA for Windows Defender inputs and extractions.
      Apache License 2.0
      5000 Updated Jun 4, 2024
    • Migration data visualization on map
      JavaScript
      MIT License
      45000 Updated Jun 4, 2024