blue-team

There are 59 repositories under blue-team topic.

decalage2 / awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
awesome-list best-practices blue-team blueteam cis-benchmarks computer-security cyber-security cybersecurity infosec linux-hardening security security-hardening security-tools windows-hardening
5505
Trusted-AI / adversarial-robustness-toolbox
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
python attack adversarial-machine-learning poisoning trusted-ai artificial-intelligence extraction adversarial-attacks adversarial-examples evasion inference privacy ai trustworthy-ai red-team blue-team machine-learning
Language:Python 4899
fabacab / awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
awesome-list cybersecurity blue-team defensive-security security infosec computer-security
4397
BlueTeam-Tools
A-poc / BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
blue-team blueteam cheatsheet incident-response malware-analysis tools vulnerability-management wiki incident resources cyber-security defender
2832
RedEye
cisagov / RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
blue-team cybersecurity red-team
Language:TypeScript 2669
Bashfuscator / Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
bash blue-team evasion incident-response infosec linux linux-shell obfuscation red-team
Language:Python 1661
mytechnotalent / Hacking-Windows
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
assembler assembly blue-team cplusplus cpp cyber cyber-threat-intelligence cybersecurity hack hacking ida ida-pro idapro microsoft-windows reverse-engineering training training-material training-materials win32api windows
Language:C 1374
Qianlitp / WatchAD
AD Security Intrusion Detection System
security active-directory python3 defcon27 intrusion-detection-system kerberos event-log ntlm blue-team watchad
Language:Python 1291
BLUESPAWN
ION28 / BLUESPAWN
An Active Defense and EDR software to empower Blue Teams
active-defense windows security security-tools blue-team mitre-attack anti-virus edr threat-hunting
Language:C++ 1239
Viralmaniar / BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming
Language:C# 1235
sentinel-attack
netevert / sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
azure azure-sentinel blue-team cybersecurity detection kql logging mitre-attack security-tools siem sysmon sysmon-config terraform-azure threat-hunting workbooks
Language:HCL 1061
TryCatchHCF / DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
automation blue-team blue-teams hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting red-team red-teams security security-tools
Language:Python 997
Puliczek / awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
blue-team bugbounttips bugbounty cve-2021-44228 cybersecurity exploit log4j pentesting poc red-team security security-writeups writeups
866
satan1a / awesome-cybersecurity-blueteam-cn
网络安全 · 攻防对抗 · 蓝队清单，中文版
attack-defense awesome blue-team chinese-translation cybersecurity
Language:HTML 831
opensquat
atenreiro / opensquat
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
blue-team cybersecurity cybersquatting domain-name domain-squatting homograph-attack infosec malware osint phishing phishing-detection phishing-domains python scanner security-tools threat-hunting threat-intelligence typosquatting
Language:Python 730
Awesome-OSINT-For-Everything
Astrosp / Awesome-OSINT-For-Everything
OSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.
blue-team bugbounty information-gathering osint osint-tools osinttool recon reconnaissance red-team security-tools web
Language:JavaScript 497
awslabs / aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
aws security security-audit red-teaming blue-team purple-team incident-response-tooling
Language:Python 443
dolevf / graphql-cop
Security Auditor Utility for GraphQL APIs
security penetration-testing auditing graphql hacking red-team blue-team hardening
Language:Python 384
slack-watchman
PaperMtn / slack-watchman
Slack enumeration and exposed secrets detection tool
blue-team blueteam cybersecurity infosec monitoring purple-team purpleteam red-team redteam slack slack-api slack-workspaces tools
Language:Python 366
codeexpress / respounder
Respounder detects presence of responder in the network.
responder golang network-security-monitoring network-security hackers llmnr computer-security blue-team attack-prevention attack-defense
Language:Go 314
joeavanzato / Trawler
PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
blue-team dfir incident-response malware persistence powershell windows
Language:PowerShell 308
Kirtar22 / Litmus_Test
Detecting ATT&CK techniques & tactics for Linux
blue-team defensive-security incident-response linux-hunting mitre-attack red-team security-operations threathunting
Language:Roff 257
awslabs / assisted-log-enabler-for-aws
Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
aws blue-team flow-logs incident-response logging security-tools
Language:Python 226
Viralmaniar / Remote-Desktop-Caching-
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
blueteam redteam hacking internal-pentest penetration-testing redteaming forensics forensics-investigations forensic-analysis infrastructure-monitoring blue-team hacking-tools hacking-attack-tools purpleteam
Language:Python 208
activecm / rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
beacons blue-team c2 command-and-control cyber-security network-traffic-analysis threat-hunting zeek log-analysis anomaly-detection incident-response network-monitoring threat-intelligence intrusion-detection security-tools c2-detection
Language:Go 201
ZeroMemoryEx / Handle-Ripper
simple Windows handle hijacker with a nod to Apxaey for inspiration
blue-team bypass-av evasion-attack handle-hijacking malware-development malware-research red-team win32 windows
Language:C++ 201
gitlab-watchman
PaperMtn / gitlab-watchman
Finding exposed secrets and personal data in GitLab
blueteam blue-team cybersecurity infosec gitlab tools redteam red-team gitlab-watchman purpleteam purple-team gitlab-api monitoring dlp data-loss-prevention
Language:Python 196
NoMoreCookies
AdvDebug / NoMoreCookies
Browser Protector against various stealers, written in C# & C/C++.
anti-stealer antivirus backdoor blue-team browser csharp dll-injection grabber hook hooking malware malware-protection password-stealer protection rat remote remote-access-trojan security security-tools stealer
Language:C# 193
bulwark
softrams / bulwark
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
angular application-security appsec blue-team bugbounty express nodejs penetration-testing-tools pentesting red-team security-tool security-tools typeorm typescript vulnerability-assessment vulnerability-management vulnerability-report vulnerability-research webappsec
Language:TypeScript 180
dorothy
elastic / dorothy
Dorothy is a tool to test security monitoring and detection for Okta environments
security cybersecurity blue-team security-tools red-team infosec
Language:Python 175
juumla
oppsec / juumla
🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and sensitive files
blue-team docker hacktoberfest infosec joomla pentest python red-team scanner tool
Language:Python 167
KC7-Foundation / kc7
A cybersecurity game in Azure Data Explorer
blue-team cyber-defense cybersecurity education incident-response python threat-intelligence
Language:Python 162
mytechnotalent / turbo-scanner
A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts IP or FQDN with the sole purpose of testing your own network to ensure there are no malicious services running.
go golang ukraine russian tor tcp tcp-scanner port-scanner portscanner russia cyber cybersecurity malware malware-analysis defensive-security security security-tools blue-team blue-teams
Language:Go 148
PI-Defender / pi-defender
Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
anti-injection anti-malware antivirus blue-team defense driver kernel malware process-injection security windows
Language:C++ 148
pbnj / infosec-interview-questions
🗒️ A [work-in-progress] collection for interview questions for Information Security roles
infosec interview questions information-security application-security red-team blue-team
136
iknowjason / BlueCloud
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
cyberrange cyber-range edr-testing pentesting blue-team dfir-automation dfir purpleteam
Language:HTML 125

blue-team

decalage2 / awesome-security-hardening

Trusted-AI / adversarial-robustness-toolbox

fabacab / awesome-cybersecurity-blueteam

A-poc / BlueTeam-Tools

cisagov / RedEye

Bashfuscator / Bashfuscator

mytechnotalent / Hacking-Windows

Qianlitp / WatchAD

ION28 / BLUESPAWN

Viralmaniar / BigBountyRecon

netevert / sentinel-attack

TryCatchHCF / DumpsterFire

Puliczek / awesome-list-of-secrets-in-environment-variables

satan1a / awesome-cybersecurity-blueteam-cn

atenreiro / opensquat

Astrosp / Awesome-OSINT-For-Everything

awslabs / aws-cloudsaga

dolevf / graphql-cop

PaperMtn / slack-watchman

codeexpress / respounder

joeavanzato / Trawler

Kirtar22 / Litmus_Test

awslabs / assisted-log-enabler-for-aws

Viralmaniar / Remote-Desktop-Caching-

activecm / rita

ZeroMemoryEx / Handle-Ripper

PaperMtn / gitlab-watchman

AdvDebug / NoMoreCookies

softrams / bulwark

elastic / dorothy

oppsec / juumla

KC7-Foundation / kc7

mytechnotalent / turbo-scanner

PI-Defender / pi-defender

pbnj / infosec-interview-questions

iknowjason / BlueCloud