#Blueteam
Showing 60 of 108 repositories tagged #blueteam, ranked by stars
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
E-mails, subdomains and names Harvester - OSINT
Cyber Security ALL-IN-ONE Platform
One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️
A collection of awesome security hardening guides, tools and other resources
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Tools and Techniques for Blue Team / Incident Response
Snoop — инструмент разведки на основе открытых данных (OSINT world)
Rapidly Search and Hunt through Windows Forensic Artefacts
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.
HardeningKitty and Windows Hardening Settings
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Adversary tradecraft detection, protection, and hunting
HardeningKitty - Checks and hardens your Windows configuration
You didn't think I'd go and leave the blue team out, right?
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Awesome Security lists for SOC/CERT/CTI
一款适用于红蓝对抗中的仿真钓鱼系统
Bloodhound Reporting for Blue and Purple Teams
Loading Remote AES Encrypted PE in memory , Decrypted it and run it
Agentic SOC Platform: A powerful, flexible, open-source, and agent-centric automated security operations platform (AI SOC)
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
Practical Windows Forensics Training
A tool that shows detailed information about named pipes in Windows
Open Source Cloud Security
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
Scan your code for security misconfiguration, search for passwords and secrets. :mag:
Data leak checker & OSINT Tool
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
Redeye is a tool intended to help you manage your data during a pentest operation
一个基于网络空间搜索引擎的攻击面管理平台,可定时进行资产信息爬取,及时发现新增资产,本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源,并对获取到的数据进行去重与清洗
RPC Monitor tool based on Event Tracing for Windows
Slack enumeration and exposed secrets detection tool
This repository contains full code examples from the book Gray Hat C#
Find cloud assets that no one wants exposed 🔎 ☁️
Web Application Secure Coding Handbook resource.
Awesome Incident Response
Windows hypervisor for Intel x64: defensive host hypervisor for Windows designed to mitigate kernel-level attacks including BYOVD, compatible with VMware and Hyper-V.
Hourly updated database of exploit and exploitation reports
Diablo ~ Hacking / Pentesting & Reporting
Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging
Finding exposed secrets and personal data in GitLab
All-sources tool to search websites by favicons
Bringing infosec community, group and leaders together that solve community challenges, problems, create cultural and provide value to Infosec community.
This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.
Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
Emulate and Dissect MSF and *other* attacks
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Detect real scammers with Wallet-Tracker CLI from anywhere.
The repository is a valuable resource for individuals looking to enhance their knowledge and skills in cybersecurity. It provides in-depth materials and guides for various cybersecurity domains.
Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's using GPT-4 Vision to analyze them and construct daily activity — frame by frame
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)