Olaf Hartong's repositories
SA-Threat-Hunting
Splunk app for Threat hunting
PSSysmonTools
Sysmon Tools for PowerShell
unfetter-discover
Unfetter-Discover Vagrant script for the Unfetter-Discover docker release
Invoke-Phant0m
Windows Event Log Killer
blackhat-arsenal-tools
Official Black Hat Arsenal Security Tools Repository
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
disposable-windows
A Packer project to quickly build a test / dev / IR box
Event-Forwarding-Guidance
Configuration guidance for implementing collection of security-relevant Windows Event Log events using Windows Event Forwarding (iadgov)
splunk-jupyter
Analyse your Splunk data from a Jupyter Notebook as a pandas DataFrame.
subTee-gits-backups
Backups of subTee's gist code
TA-microsoft-sysmon
TA-microsoft-sysmon
chargeback
Charge Back App for Splunk
reternal-quickstart
Repo containing docker-compose files and setup scripts so you don't have to clone the individual reternal components
sysmon-splunk-app
Sysmon Splunk App
applehealthdata-es
Config to import Apple Health data into Elasticsearch, generated with https://github.com/tdda/applehealthdata
brawl-public-game-001
Data from a BRAWL Automated Adversary Emulation Exercise
EQGRP_Lost_in_Translation
Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg
paste2splunk
Pastebin crawler which indexes pastes into Splunk
PasteHunter
Scanning Pastebin with YARA rules
Probable-Wordlists
Wordlists sorted by probability originally created for password generation and testing
RegistrationFreeCOM
Inject DLL Prototype using Microsoft.Windows.ACTCTX COM Object
splunk-add-on-jira-alerts
Splunk custom alert action for Atlassian JIRA
sysmon-version-history
An unofficial Sysmon version history