blue-team

There are 63 repositories under blue-team topic.

• decalage2 / awesome-security-hardening

  A collection of awesome security hardening guides, tools and other resources

  awesome-listsecuritysecurity-hardeningsecurity-toolswindows-hardeningcybersecuritycyber-securityinfosecbest-practicescis-benchmarksblueteamblue-teamcomputer-securitylinux-hardening
  5666

• Trusted-AI / adversarial-robustness-toolbox

  Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

  adversarial-attacksadversarial-examplesadversarial-machine-learningaiartificial-intelligenceattackblue-teamevasionextractioninferencemachine-learningpoisoningprivacypythonred-teamtrusted-aitrustworthy-ai
  Language:Python 5123

• fabacab / awesome-cybersecurity-blueteam

  :computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

  awesome-listcybersecurityblue-teamdefensive-securitysecurityinfoseccomputer-security
  4581
• BlueTeam-Tools

  A-poc / BlueTeam-Tools

  Tools and Techniques for Blue Team / Incident Response

  blue-teamblueteamcheatsheetincident-responsemalware-analysistoolsvulnerability-managementwikiincidentresourcescyber-securitydefender
  2994
• RedEye

  cisagov / RedEye

  RedEye is a visual analytic tool supporting Red & Blue Team operations

  blue-teamcybersecurityred-team
  Language:TypeScript 2700

• Bashfuscator / Bashfuscator

  A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

  bashlinuxlinux-shellobfuscationred-teamblue-teamevasionincident-responseinfosec
  Language:Python 1733

• mytechnotalent / Hacking-Windows

  A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

  hackingwindowsassemblyassemblercppcplusplusidaida-proidaproreverse-engineeringblue-teamtrainingtraining-materialstraining-materialcybersecurityhackcybercyber-threat-intelligencewin32apimicrosoft-windows
  Language:C 1411

• Viralmaniar / BigBountyRecon

  BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

  osintreconreconnaissancecybersecurityoffensive-securitypentestingpentest-toolbugbountybugbounty-toolbugbountytipsred-teamred-teamingblue-teampurple-teampurple-teams
  Language:C# 1318

• Qianlitp / WatchAD

  AD Security Intrusion Detection System

  securityactive-directorypython3defcon27intrusion-detection-systemkerberosevent-logntlmblue-teamwatchad
  Language:Python 1291
• BLUESPAWN

  ION28 / BLUESPAWN

  An Active Defense and EDR software to empower Blue Teams

  active-defenseanti-virusblue-teamedrmitre-attacksecuritysecurity-toolsthreat-huntingwindows
  Language:C++ 1266
• sentinel-attack

  netevert / sentinel-attack

  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

  siemthreat-huntingazure-sentinelmitre-attacksysmonsysmon-configazureblue-teamcybersecurityloggingsecurity-toolsdetectionkqlworkbooksterraform-azure
  1065

• TryCatchHCF / DumpsterFire

  "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

  automationblue-teamblue-teamshackinghacking-toolhacking-toolsinfosecpentestpentest-toolpentest-toolspentestingred-teamred-teamssecuritysecurity-tools
  Language:Python 1009

• Puliczek / awesome-list-of-secrets-in-environment-variables

  🦄🔒 Awesome list of secrets in environment variables 🖥️

  blue-teambugbounttipsbugbountycve-2021-44228cybersecurityexploitlog4jpentestingpocred-teamsecuritysecurity-writeupswriteups
  880

• satan1a / awesome-cybersecurity-blueteam-cn

  网络安全 · 攻防对抗 · 蓝队清单，中文版

  blue-teamcybersecurityattack-defensechinese-translationawesome
  Language:HTML 857
• opensquat

  atenreiro / opensquat

  The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.

  threat-intelligencetyposquattingcybersquattingphishing-detectionphishingosintsecurity-toolsdomain-squattingthreat-huntingphishing-domainsdomain-namecybersecuritymalwarepythonblue-teaminfosechomograph-attackscanner
  Language:Python 767
• Awesome-OSINT-For-Everything

  Astrosp / Awesome-OSINT-For-Everything

  OSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.

  blue-teambugbountyinformation-gatheringosintosint-toolsosinttoolreconreconnaissancered-teamsecurity-toolsweb
  Language:Shell 612

• awslabs / aws-cloudsaga

  AWS CloudSaga - Simulate security events in AWS

  awsblue-teamincident-response-toolingpurple-teamred-teamingsecuritysecurity-audit
  Language:Python 450

• dolevf / graphql-cop

  Security Auditor Utility for GraphQL APIs

  auditingblue-teamgraphqlhackinghardeningpenetration-testingred-teamsecurity
  Language:Python 432
• slack-watchman

  PaperMtn / slack-watchman

  Slack enumeration and exposed secrets detection tool

  blue-teamblueteamcybersecurityinfosecmonitoringpurple-teampurpleteamred-teamredteamslackslack-apislack-workspacestools
  Language:Python 374

• codeexpress / respounder

  Respounder detects presence of responder in the network.

  respondergolangnetwork-security-monitoringnetwork-securityhackersllmnrcomputer-securityblue-teamattack-preventionattack-defense
  Language:Go 315

• joeavanzato / Trawler

  PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.

  dfirpowershellblue-teamincident-responsemalwarepersistencewindows
  Language:PowerShell 315

• activecm / rita

  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

  beaconsblue-teamc2command-and-controlcyber-securitynetwork-traffic-analysisthreat-huntingzeeklog-analysisanomaly-detectionincident-responsenetwork-monitoringthreat-intelligenceintrusion-detectionsecurity-toolsc2-detection
  Language:Go 258

• Kirtar22 / Litmus_Test

  Detecting ATT&CK techniques & tactics for Linux

  blue-teamdefensive-securityincident-responselinux-huntingmitre-attackred-teamsecurity-operationsthreathunting
  Language:Roff 258

• awslabs / assisted-log-enabler-for-aws

  Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

  awsblue-teamflow-logsincident-responseloggingsecurity-tools
  Language:Python 253

• Viralmaniar / Remote-Desktop-Caching-

  This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

  blueteamredteamhackinginternal-pentestpenetration-testingredteamingforensicsforensics-investigationsforensic-analysisinfrastructure-monitoringblue-teamhacking-toolshacking-attack-toolspurpleteam
  Language:Python 213
• NoMoreCookies

  AdvDebug / NoMoreCookies

  Browser Protector against various stealers, written in C# & C/C++.

  antivirusblue-teambrowserhookingprotectionratstealeranti-stealerbackdoorhookremotedll-injectionmalwaremalware-protectionpassword-stealerremote-access-trojansecuritycsharpgrabbersecurity-tools
  Language:C# 201
• gitlab-watchman

  PaperMtn / gitlab-watchman

  Finding exposed secrets and personal data in GitLab

  blueteamblue-teamcybersecurityinfosecgitlabtoolsredteamred-teamgitlab-watchmanpurpleteampurple-teamgitlab-apimonitoringdlpdata-loss-prevention
  Language:Python 197
• dorothy

  elastic / dorothy

  Dorothy is a tool to test security monitoring and detection for Okta environments

  securitycybersecurityblue-teamsecurity-toolsred-teaminfosec
  Language:Python 179
• bulwark

  softrams / bulwark

  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

  security-toolsvulnerability-managementangulartypeormtypescriptnodejsexpresswebappsecappsecapplication-securityvulnerability-reportpentestingvulnerability-assessmentsecurity-toolpenetration-testing-toolsvulnerability-researchbugbountyblue-teamred-team
  Language:TypeScript 179
• juumla

  oppsec / juumla

  🦁 Identify Joomla version, scan for vulnerabilities and sensitive files

  joomlascannerpentesttoolred-teamblue-teaminfosecdockerpythonhacktoberfest
  Language:Python 170

• KC7-Foundation / kc7

  A cybersecurity game in Azure Data Explorer

  cybersecurityeducationblue-teamcyber-defenseincident-responsethreat-intelligencepython
  Language:Python 168

• mytechnotalent / turbo-scanner

  A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts IP or FQDN with the sole purpose of testing your own network to ensure there are no malicious services running.

  gogolangukrainerussiantortcptcp-scannerport-scannerportscannerrussiacybercybersecuritymalwaremalware-analysisdefensive-securitysecuritysecurity-toolsblue-teamblue-teams
  Language:Go 153

• PI-Defender / pi-defender

  Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.

  anti-injectionanti-malwareantivirusblue-teamdefensedriverkernelmalwareprocess-injectionsecuritywindows
  Language:C++ 151

• pbnj / infosec-interview-questions

  🗒️ A [work-in-progress] collection for interview questions for Information Security roles

  infosecinterviewquestionsinformation-securityapplication-securityred-teamblue-team
  135

• iknowjason / BlueCloud

  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

  cyberrangecyber-rangeedr-testingpentestingblue-teamdfir-automationdfirpurpleteam
  Language:HTML 129

• fierceoj / ShonyDanza

  A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

  shodanshodan-apishodan-pythonreconnaissancered-teamblue-teampurple-teamscanninginformation-gatheringshonydanzapre-configureexploitsvulnerability-identificationvulnerability-detectionmalware-identificationmalware-detectionpentestingpenetration-testingsecurity-toolssecurity-research
  Language:Python 120