Collection of Dashboards for Threat Hunting and more!

A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources about Incident Response & Management in Cybersecurity

Plot relationships between objects with force directed graph based on ThreeJS/WebGL.

This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup a Suricata Port Mirrored Server

Boilerplate of splunk app and developer scripts, that allows you to leverage docker for development

The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.

Postfix Add-on for Splunk (Compliant with the Mail CIM model)

Kafka Smart Monitoring for Splunk

A Splunk App for Attack Range Reporting. Provides dashboards for insights on your attack range simulations

Splunk AppInspect

JMESPath app for Splunk

Splunk App to analyze traffic from pcap(ng) files

TraceFruits is a conceptual demonstration designed to visualize fruit supply chain events stored in an immutable ledger. Leveraging Splunk for data analysis, the project utilizes Hyperledger Fabric's blockchain ledgers to create an informative and transparent overview of the fruit supply chain process.

A persistent server framework for Splunk app REST API written in go

splunk

a useful tutorial about splunk and security splunk app

Splunk Technology Add-on for SecurityMatters SilentDefense

Splunk app with custom 'quote' command that fetches stock market data from Finnhub API

DCSO Threat Intelligence Engine (TIE) Add-On for Splunk v8