YoVDO

Weaponizing Splunk - Using Blue Team Tools for Evil

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Python Courses PowerShell Courses Splunk Courses Metasploit Courses Security BSides Courses

Course Description

Overview

Explore a conference talk from BSides Nashville 2017 that delves into the potential misuse of Splunk, a popular log management and analysis tool. Learn about the various attack surfaces and misconfigurations that can be exploited in Splunk deployments. Discover how attackers can leverage Splunk's features, including syslog and deployment servers, to gain unauthorized access and execute malicious actions. Witness demonstrations of exploiting vulnerabilities using Metasploit and Python, as well as attacking Windows systems through PowerShell. Gain insights into data-driven attacks using tools like WiFi Pineapple and Hashcat. Understand the importance of proper configuration and security measures to protect Splunk installations from potential weaponization.

Syllabus

Intro
The Story
Overview
What is Splunk
Splunk Syslog
Deployment Server
Deployment Server Demo
Misconfigurations
Attack surfaces
Reviewing logs
User privileges
SSH keys
Demo
Attacking Server
Using Metasploit
Using Python
Windows App
PowerShell
Attack of the Data
WiFi Pineapple
WiFi Pineapple App
Hashcat
Contact Info
Split Data


Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube