Weaponizing Splunk: Using Blue Team Tools For Evil
Ryan Hays at BSides Boston 2017
Splunk has secured a large portion of the log aggregation and correlation market. In turn penetration testers find a lot of misconfigured implementations during engagements. This talk will be discussing creative abuses of the Splunk product to compromise the server and laterally move further into a target environment.