Weaponizing Splunk: Attacking the Data

Some IT administrators don’t realize that services, like those available with Splunk, can be used by attackers and penetration testers to not only attack a system, but to organize and sort the information that is returned from their attacks. This section shows how an attacker can reduce the amount of time required to between recognizance and attack.

“During penetration testing we generate a lot of logs as we attack victim organizations that all need to be reviewed and sorted. This can take a lot of time, unelss you use Splunk’s organizational features.”
-Ryan, TBG Security‘s Director of Security Engineering


 

Attack Missions On The Data (Videos)

Cyberattack Video: Parsing Data from Hak5 Wifi Pineapple

Collecting and review the log data using a WiFi Pineapple, a penetration test tool created by Hak5.


Cyberattack Video: Monitor and crack credentials
Using a man-in-the-middle attack tool called responder attackers can capture password hashes from a victim network. We have put together reports and dashboards that can alert attackers in real time to the status and progress they are making with this tool.


 

Get In Touch

Have a question? We’re here to help.

Contact Us