blue-team

There are 60 repositories under blue-team topic.

decalage2 / awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
awesome-list best-practices blue-team blueteam cis-benchmarks computer-security cyber-security cybersecurity infosec linux-hardening security security-hardening security-tools windows-hardening
5613
Trusted-AI / adversarial-robustness-toolbox
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
adversarial-attacks adversarial-examples adversarial-machine-learning ai artificial-intelligence attack blue-team evasion extraction inference machine-learning poisoning privacy python red-team trusted-ai trustworthy-ai
Language:Python 5021
fabacab / awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
awesome-list blue-team computer-security cybersecurity defensive-security infosec security
4511
BlueTeam-Tools
A-poc / BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
blue-team blueteam cheatsheet cyber-security defender incident incident-response malware-analysis resources tools vulnerability-management wiki
2912
RedEye
cisagov / RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
blue-team cybersecurity red-team
Language:TypeScript 2685
Bashfuscator / Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
bash blue-team evasion incident-response infosec linux linux-shell obfuscation red-team
Language:Python 1715
mytechnotalent / Hacking-Windows
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
hacking windows assembly assembler cpp cplusplus ida ida-pro idapro reverse-engineering blue-team training training-materials training-material cybersecurity hack cyber cyber-threat-intelligence win32api microsoft-windows
Language:C 1399
Viralmaniar / BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming
Language:C# 1293
Qianlitp / WatchAD
AD Security Intrusion Detection System
active-directory blue-team defcon27 event-log intrusion-detection-system kerberos ntlm python3 security watchad
Language:Python 1287
BLUESPAWN
ION28 / BLUESPAWN
An Active Defense and EDR software to empower Blue Teams
active-defense windows security security-tools blue-team mitre-attack anti-virus edr threat-hunting
Language:C++ 1249
sentinel-attack
netevert / sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
siem threat-hunting azure-sentinel mitre-attack sysmon sysmon-config azure blue-team cybersecurity logging security-tools detection kql workbooks terraform-azure
1062
TryCatchHCF / DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
automation blue-team blue-teams hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting red-team red-teams security security-tools
Language:Python 1001
Puliczek / awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
blue-team bugbounttips bugbounty cve-2021-44228 cybersecurity exploit log4j pentesting poc red-team security security-writeups writeups
867
satan1a / awesome-cybersecurity-blueteam-cn
网络安全 · 攻防对抗 · 蓝队清单，中文版
attack-defense awesome blue-team chinese-translation cybersecurity
Language:HTML 846
opensquat
atenreiro / opensquat
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
threat-intelligence typosquatting cybersquatting phishing-detection phishing osint security-tools domain-squatting threat-hunting phishing-domains domain-name cybersecurity malware python blue-team infosec homograph-attack scanner
Language:Python 754
Awesome-OSINT-For-Everything
Astrosp / Awesome-OSINT-For-Everything
OSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.
blue-team bugbounty information-gathering osint osint-tools osinttool recon reconnaissance red-team security-tools web
Language:JavaScript 567
awslabs / aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
aws blue-team incident-response-tooling purple-team red-teaming security security-audit
Language:Python 448
dolevf / graphql-cop
Security Auditor Utility for GraphQL APIs
auditing blue-team graphql hacking hardening penetration-testing red-team security
Language:Python 412
slack-watchman
PaperMtn / slack-watchman
Slack enumeration and exposed secrets detection tool
blue-team blueteam cybersecurity infosec monitoring purple-team purpleteam red-team redteam slack slack-api slack-workspaces tools
Language:Python 370
codeexpress / respounder
Respounder detects presence of responder in the network.
attack-defense attack-prevention blue-team computer-security golang hackers llmnr network-security network-security-monitoring responder
Language:Go 317
joeavanzato / Trawler
PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
blue-team dfir incident-response malware persistence powershell windows
Language:PowerShell 314
Kirtar22 / Litmus_Test
Detecting ATT&CK techniques & tactics for Linux
blue-team defensive-security incident-response linux-hunting mitre-attack red-team security-operations threathunting
Language:Roff 258
awslabs / assisted-log-enabler-for-aws
Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
aws blue-team flow-logs incident-response logging security-tools
Language:Python 245
activecm / rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
anomaly-detection beacons blue-team c2 c2-detection command-and-control cyber-security incident-response intrusion-detection log-analysis network-monitoring network-traffic-analysis security-tools threat-hunting threat-intelligence zeek
Language:Go 233
Viralmaniar / Remote-Desktop-Caching-
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
blue-team blueteam forensic-analysis forensics forensics-investigations hacking hacking-attack-tools hacking-tools infrastructure-monitoring internal-pentest penetration-testing purpleteam redteam redteaming
Language:Python 212
NoMoreCookies
AdvDebug / NoMoreCookies
Browser Protector against various stealers, written in C# & C/C++.
antivirus blue-team browser hooking protection rat stealer anti-stealer backdoor hook remote dll-injection malware malware-protection password-stealer remote-access-trojan security csharp grabber security-tools
Language:C# 195
gitlab-watchman
PaperMtn / gitlab-watchman
Finding exposed secrets and personal data in GitLab
blue-team blueteam cybersecurity data-loss-prevention dlp gitlab gitlab-api gitlab-watchman infosec monitoring purple-team purpleteam red-team redteam tools
Language:Python 195
dorothy
elastic / dorothy
Dorothy is a tool to test security monitoring and detection for Okta environments
blue-team cybersecurity infosec red-team security security-tools
Language:Python 178
bulwark
softrams / bulwark
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
angular application-security appsec blue-team bugbounty express nodejs penetration-testing-tools pentesting red-team security-tool security-tools typeorm typescript vulnerability-assessment vulnerability-management vulnerability-report vulnerability-research webappsec
Language:TypeScript 177
juumla
oppsec / juumla
🦁 Identify Joomla version, scan for vulnerabilities and sensitive files
joomla scanner pentest tool red-team blue-team infosec docker python hacktoberfest
Language:Python 171
KC7-Foundation / kc7
A cybersecurity game in Azure Data Explorer
cybersecurity education blue-team cyber-defense incident-response threat-intelligence python
Language:Python 167
mytechnotalent / turbo-scanner
A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts IP or FQDN with the sole purpose of testing your own network to ensure there are no malicious services running.
blue-team blue-teams cyber cybersecurity defensive-security go golang malware malware-analysis port-scanner portscanner russia russian security security-tools tcp tcp-scanner tor ukraine
Language:Go 151
PI-Defender / pi-defender
Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
driver kernel malware process-injection security windows antivirus anti-malware blue-team defense anti-injection
Language:C++ 149
pbnj / infosec-interview-questions
🗒️ A [work-in-progress] collection for interview questions for Information Security roles
application-security blue-team information-security infosec interview questions red-team
136
iknowjason / BlueCloud
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
blue-team cyber-range cyberrange dfir dfir-automation edr-testing pentesting purpleteam
Language:HTML 128
fierceoj / ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
shodan shodan-api shodan-python reconnaissance red-team blue-team purple-team scanning information-gathering shonydanza pre-configure exploits vulnerability-identification vulnerability-detection malware-identification malware-detection pentesting penetration-testing security-tools security-research
Language:Python 120

blue-team

decalage2 / awesome-security-hardening

Trusted-AI / adversarial-robustness-toolbox

fabacab / awesome-cybersecurity-blueteam

A-poc / BlueTeam-Tools

cisagov / RedEye

Bashfuscator / Bashfuscator

mytechnotalent / Hacking-Windows

Viralmaniar / BigBountyRecon

Qianlitp / WatchAD

ION28 / BLUESPAWN

netevert / sentinel-attack

TryCatchHCF / DumpsterFire

Puliczek / awesome-list-of-secrets-in-environment-variables

satan1a / awesome-cybersecurity-blueteam-cn

atenreiro / opensquat

Astrosp / Awesome-OSINT-For-Everything

awslabs / aws-cloudsaga

dolevf / graphql-cop

PaperMtn / slack-watchman

codeexpress / respounder

joeavanzato / Trawler

Kirtar22 / Litmus_Test

awslabs / assisted-log-enabler-for-aws

activecm / rita

Viralmaniar / Remote-Desktop-Caching-

AdvDebug / NoMoreCookies

PaperMtn / gitlab-watchman

elastic / dorothy

softrams / bulwark

oppsec / juumla

KC7-Foundation / kc7

mytechnotalent / turbo-scanner

PI-Defender / pi-defender

pbnj / infosec-interview-questions

iknowjason / BlueCloud

fierceoj / ShonyDanza