TejaRamachandran / SOC-Automation-Scripts

GNU General Public License v3.0

Script to detect C2 connections and Malicious URLs using Splunk #1

Open iamsivasankar opened 6 years ago

iamsivasankar commented 6 years ago

Hi Teja Ramachandran,

I am looking for a script that can detect malicious C2 connections and domains using Cisco IPS logs. We have Splunk SIEM. I need a script similar to your "QRadar" script.

Thanks in advance.

Siva Sankar.

TejaRamachandran commented 4 years ago

@iamsivasankar Sorry for the delay in response; I have been offline for a long time. Please DM me on Twitter at "@ajet_r" if you are working on this.