Explore how Splunk, a popular log management tool, can be weaponized for malicious purposes in this eye-opening conference talk from BSidesCharm 2017. Delve into the process of reviewing logs, extracting sensitive data, and leveraging Splunk for command and control operations. Learn about advanced techniques such as swamp shells and gating actions, which can be used to exploit vulnerabilities in blue team defenses. Gain valuable insights into potential security risks and enhance your understanding of how attackers might misuse legitimate tools for nefarious activities.
Weaponizing Splunk - Using Blue Teams for Evil
via YouTube
Overview
Syllabus
Introduction
Reviewing the Logs
Weaponizing Splunk
Extracting Data
Swamp Shells
Command Control
Gating Actions