#Blue-team

Showing 60 of 84 repositories tagged #blue-team, ranked by stars

decalage2
decalage2
awesome-security-hardening

A collection of awesome security hardening guides, tools and other resources

Score
100
โ˜… 6.4k โ‘‚ 670 +37/day
Trusted-AI
Trusted-AI
adversarial-robustness-toolbox

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

Score
100
โ˜… 6.1k โ‘‚ 1.3k +10/day
Python
fabacab
fabacab
awesome-cybersecurity-blueteam

:computer:๐Ÿ›ก๏ธ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Score
96
โ˜… 5.4k โ‘‚ 823 +9/day
A-poc
A-poc
BlueTeam-Tools

Tools and Techniques for Blue Team / Incident Response

Score
92
โ˜… 4.2k โ‘‚ 644 +92/day
cisagov
cisagov
RedEye

RedEye is a visual analytic tool supporting Red & Blue Team operations

Score
89
โ˜… 2.8k โ‘‚ 291 +4/day
TypeScript
mytechnotalent
mytechnotalent
Hacking-Windows

A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

Score
99
โ˜… 1.6k โ‘‚ 143 โ€”
C
Viralmaniar
Viralmaniar
BigBountyRecon

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Score
77
โ˜… 1.6k โ‘‚ 290 +4/day
C#
ION28
ION28
BLUESPAWN

An Active Defense and EDR software to empower Blue Teams

Score
97
โ˜… 1.3k โ‘‚ 178 โ€”
C++
Qianlitp
Qianlitp
WatchAD

AD Security Intrusion Detection System

Score
33
โ˜… 1.3k โ‘‚ 298 โ€”
Python
edoardogerosa
edoardogerosa
sentinel-attack

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Score
73
โ˜… 1.1k โ‘‚ 200 โ€”
TryCatchHCF
TryCatchHCF
DumpsterFire

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Score
72
โ˜… 1.0k โ‘‚ 150 โ€”
Python
atenreiro
atenreiro
opensquat

The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.

Score
67
โ˜… 975 โ‘‚ 161 โ€”
Python
satan1a
satan1a
awesome-cybersecurity-blueteam-cn

็ฝ‘็ปœๅฎ‰ๅ…จ ยท ๆ”ป้˜ฒๅฏนๆŠ— ยท ่“้˜Ÿๆธ…ๅ•๏ผŒไธญๆ–‡็‰ˆ

Score
70
โ˜… 964 โ‘‚ 123 โ€”
HTML
Puliczek
Puliczek
awesome-list-of-secrets-in-environment-variables

๐Ÿฆ„๐Ÿ”’ Awesome list of secrets in environment variables ๐Ÿ–ฅ๏ธ

Score
65
โ˜… 909 โ‘‚ 77 โ€”
JoasASantos
JoasASantos
n8n-CyberSecurity-Workflows

Security automation with n8n ideas: 100+ Red/Blue/AppSec workflows, integrations, and ready-to-run playbooks.

Score
83
โ˜… 880 โ‘‚ 172 +3/day
dolevf
dolevf
graphql-cop

Security Auditor Utility for GraphQL APIs

Score
87
โ˜… 673 โ‘‚ 100 โ€”
Python
0xflux
0xflux
Sanctum

Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.

Score
100
โ˜… 561 โ‘‚ 60 โ€”
Rust
BlessedRebuS
BlessedRebuS
Krawl

Krawl is a customizable, lightweight, cloud-native web deception server and anti-crawler that creates fake web applications with low-hanging vulnerabilities using realistic, randomly generated decoy data and AI-generated HTML templates.

Score
94
โ˜… 548 โ‘‚ 42 โ€”
Python
awslabs
awslabs
aws-cloudsaga

AWS CloudSaga - Simulate security events in AWS

Score
93
โ˜… 476 โ‘‚ 38 โ€”
Python
PaperMtn
PaperMtn
slack-watchman

Slack enumeration and exposed secrets detection tool

Score
90
โ˜… 404 โ‘‚ 47 โ€”
Python
F2u0a0d3
F2u0a0d3
goodboy-framework

15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal.

Score
85
โ˜… 279 โ‘‚ 32 โ€”
Idov31
Idov31
NovaHypervisor

Windows hypervisor for Intel x64: defensive host hypervisor for Windows designed to mitigate kernel-level attacks including BYOVD, compatible with VMware and Hyper-V.

Score
86
โ˜… 265 โ‘‚ 25 โ€”
C++
cybercdh
cybercdh
kitphishr

A tool designed to hunt for Phishing Kit source code

Score
100
โ˜… 233 โ‘‚ 39 โ€”
Go
telagod
telagod
code-abyss

Give your AI coding agent a personality. Composable persona + style + skills for Claude Code, Codex, Gemini CLI & OpenClaw. Ships Tech Persona Card v1.0 spec.

Score
100
โ˜… 231 โ‘‚ 30 โ€”
JavaScript
Viralmaniar
Viralmaniar
Remote-Desktop-Caching-

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Score
34
โ˜… 219 โ‘‚ 57 โ€”
Python
PaperMtn
PaperMtn
gitlab-watchman

Finding exposed secrets and personal data in GitLab

Score
31
โ˜… 204 โ‘‚ 25 โ€”
Python
BARGHEST-ngo
BARGHEST-ngo
MESH

Wireless ADB, over the internet; not just local Wi-Fi. An encrypted, censorship-resistant mesh VPN making remote forensics and network monitoring seamless.

Score
80
โ˜… 197 โ‘‚ 13 โ€”
Kotlin
elastic
elastic
dorothy
Score
79
โ˜… 195 โ‘‚ 12 โ€”
Python
xsa
xsa
infosec-events

List of past and future infosec related events.

Score
82
โ˜… 185 โ‘‚ 28 โ€”
Python
KC7-Foundation
KC7-Foundation
kc7

A cybersecurity game in Azure Data Explorer

Score
30
โ˜… 176 โ‘‚ 15 โ€”
Python
mytechnotalent
mytechnotalent
turbo-scanner

A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts IP or FQDN with the sole purpose of testing your own network to ensure there are no malicious services running.

Score
62
โ˜… 166 โ‘‚ 30 โ€”
Go
depalmar
depalmar
ai_for_the_win

Build AI-powered security tools. 50+ hands-on labs covering ML, LLMs, RAG, threat detection, DFIR, and red teaming. Includes Colab notebooks, Docker environment, and CTF challenges.

Score
76
โ˜… 151 โ‘‚ 23 โ€”
Python
ridgelinecyberdefence
ridgelinecyberdefence
vanguard

Cross-platform incident response toolkit. 28 pre-built use cases, single binary, zero install. Memory, disk, network, and cloud collection with automated timeline generation.

Score
75
โ˜… 146 โ‘‚ 8 +2/day
Go
MaheshShukla1
MaheshShukla1
SOC-Analyst-Notes

Comprehensive SOC Analyst notes covering incident response, threat hunting, SOC workflows, and cybersecurity conceptsโ€”perfect for exam prep and skill-building in blue team operations.

Score
68
โ˜… 133 โ‘‚ 19 +3/day
fierceoj
fierceoj
ShonyDanza

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Score
25
โ˜… 120 โ‘‚ 25 โ€”
Python
paulveillard
paulveillard
cybersecurity-red-team

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Red Team (Offensive) in Cybersecurity.

Score
23
โ˜… 103 โ‘‚ 27 โ€”
sensepost
sensepost
notruler

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Score
0
โ˜… 96 โ‘‚ 18 โ€”
Go
josh-morin
josh-morin
qradar

Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.

Score
0
โ˜… 87 โ‘‚ 21 โ€”
Python
Idov31
Idov31
EtwSuite

Windows native ETW inspection suite for browsing providers, reading metadata, consuming live events, recording ETL traces, filtering results, and inspecting ETL/JSON/CSV recordings from one desktop tool.

Score
63
โ˜… 85 โ‘‚ 6 +4/day
C#
Stuub
Stuub
SquatSquasher

Discovering Typo Squatting on your domains!

Score
17
โ˜… 85 โ‘‚ 8 โ€”
Python
pentesteracademy
pentesteracademy
linux-rootkits-red-blue-teams

Linux Rootkits (4.x Kernel)

Score
27
โ˜… 85 โ‘‚ 45 โ€”
C
Pnwcomputers
Pnwcomputers
ULTIMATE-CYBERSECURITY-MASTER-GUIDE

This repository provides a centralized resource for operational cyber defense and offense, compiling Theory, Tools, Operating Procedures, and Step-by-Step Guides across various critical security domains. Content is sourced from industry-leading books and technical presentations, focusing on practical application rather than JUST theory.

Score
66
โ˜… 81 โ‘‚ 13 +18/day
Python
andreicscs
andreicscs
HoneyWire

HoneyWire: The Open-Source, Unlimited Deception Platform. Turn any Linux machine into an enterprise-grade canary in 60 seconds.

Score
61
โ˜… 80 โ‘‚ 3 โ€”
Go
mizazhaider-ceh
mizazhaider-ceh
Security-Books

๐Ÿ›ก๏ธ The Ultimate Cybersecurity Library | 160+ curated books, guides & resources covering Ethical Hacking, Penetration Testing, Bug Bounty, Red/Blue Team, OSINT, Malware Analysis, CEH, OSCP, CISSP, CHFI, Network Security, Kali Linux, Web Security & more. Free, organized, and clickable. Knowledge should be accessible to everyone.

Score
56
โ˜… 78 โ‘‚ 22 โ€”
vvswift
vvswift
Bypass-Protection0x00

EDR & AV Bypass Arsenalโ€” a comprehensive collection of tools, patches, and techniques for evading modern EDR and antivirus defenses.

Score
39
โ˜… 76 โ‘‚ 22 +1/day
C
s0cm0nkey
s0cm0nkey
Security-Reference-Guide

Curated cyber security resources for blue team, red team, DFIR, OSINT, AppSec, cloud security, security logging, and training.

Score
69
โ˜… 75 โ‘‚ 30 โ€”
HTML
naemazam
naemazam
cybersecurity-career-roadmap

Complete career paths for SOC, Pentesting, Blue Team, Red Team & more

Score
48
โ˜… 73 โ‘‚ 15 โ€”
Ak-cybe
Ak-cybe
soc-roadmap-2026

Complete SOC Analyst Training Roadmap 2026: 14 hands-on projects (SIEM, SOAR, TIP, ML) for automation-first defenders

Score
59
โ˜… 73 โ‘‚ 7 +3/day
wellwelwel
wellwelwel
blue-spec

๐ŸŒŠ Security-Driven Hardening: Blue Spec is a defensive workflow to help AI agents detect what your system actually does and harden the defenses that matter, whether you're a developer or not.

Score
54
โ˜… 70 โ‘‚ 1 +2/day
TypeScript
BenjaminIheukumere
BenjaminIheukumere
secrets_find0r

Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates shares, recursively scans files with regex/keyword rules, highlights matched tokens on screen, and exports clean ASCII tables. Supports DOCX/PDF/legacy Office and depth limits.

Score
58
โ˜… 70 โ‘‚ 13 โ€”
Python
PaperMtn
PaperMtn
github-watchman

Monitoring GitHub for sensitive data shared publicly

Score
14
โ˜… 67 โ‘‚ 7 โ€”
Python
edoardottt
edoardottt
depsdev

CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.

Score
55
โ˜… 67 โ‘‚ 8 โ€”
Go
aryanguenthner
aryanguenthner
365

BlueTeam, RedTeam, Bug bounty, CTI, OSINT, Threat Hunting, Network and Web Recon, Discovery, Enumeration, Vulnerability Mapping, Exploitation, Reporting, Darkweb, Deepweb, Research

Score
51
โ˜… 61 โ‘‚ 9 โ€”
Shell
mukul975
mukul975
Threatswarm

27 scope-enforced AI agents that run the full pentest kill-chain (recon โ†’ exploit โ†’ post-ex โ†’ DFIR โ†’ report) as a one-command Claude Code plugin. Backed by 754 MITRE-mapped skills.

Score
52
โ˜… 59 โ‘‚ 15 โ€”
Python
paulveillard
paulveillard
cybersecurity-blue-team

A collection of awesome software, libraries, learning tutorials, documents and books, technical resources and cool stuff about Blue Team in Cybersecurity.

Score
13
โ˜… 55 โ‘‚ 10 โ€”
Macmod
Macmod
sopa

A practical client for ADWS in Golang.

Score
46
โ˜… 53 โ‘‚ 1 โ€”
Go
DotNetRussell
DotNetRussell
CyberDeck

Hackers Cookbook - Tons of hacker cli recipes ready to search and use when you need them

Score
41
โ˜… 52 โ‘‚ 7 +1/day
Python
pwnedlabs
pwnedlabs
pwncloudos

PWNCLOUDOS

Score
45
โ˜… 52 โ‘‚ 7 โ€”
Python
keraattin
keraattin
Blue-Team-Roadmap

The most comprehensive, step-by-step roadmap for breaking into defensive cybersecurity. From absolute zero to your first Blue Team role. Every skill, tool, certification, and resource you need. No experience required.

Score
42
โ˜… 48 โ‘‚ 8 +3/day
8damon
8damon
Blackbird

Powerful Kernel Windows Platform for Malware Analysis, SRE, Forensics & Threat Hunting

Score
49
โ˜… 48 โ‘‚ 7 +21/day
C#
Related Topics
#cybersecurity#red-team#security#infosec#security-tools#penetration-testing#blueteam#pentesting#threat-intelligence#incident-response#malware-analysis#python

ยฉ 2026 GitRepoTrend ยท GitHub repositories by topic ยท Updated weekly