blueteaming

There are 3 repositories under blueteaming topic.

• ihebski / DefaultCreds-cheat-sheet

  One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

  infosecdefault-passwordpentestingbugbountypentestcheatsheetcybersecurityblueteamoffensive-securityexploitblueteam-toolsblueteamingoffensive-security-projectssoc
  Language:Python 6217
• Lockdoor-Framework

  SofianeHamlaoui / Lockdoor-Framework

  🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

  sofianehamlaouipenetration-testingpentestingpentest-toolpentesting-toolspentesting-pythonpentesterspentest-environmentpentest-scriptshacking-toolhacking-toolscybersecuritycyber-securityblackarch-packagesredteamingredteamblueteaminghackingfrancaisfrance
  Language:Python 1484

• emtunc / SlackPirate

  Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

  blueteamblueteamingpythonredteamredteamingslackslack-api
  Language:Python 774

• keraattin / EmailAnalyzer

  With EmailAnalyzer you can analyze your suspicious emails. You can extract headers, links, and hashes from the .eml file and you can generate reports.

  blueteamingcybersecuritydfiremailforensics
  Language:Python 253

• DamonMohammadbagher / NativePayloads

  All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming

  blueteamblueteamingbypass-antiviruscsharpdefensivedefensive-programmingevasionevasion-attackmemoryscannermonitoring-tooloffensiveoffensive-securitypentestpentestingredteamredteamingdetectionremote-thread-injectionthread-injection
  Language:C# 231

• ashwin-patil / blue-teaming-with-kql

  Repository with Sample KQL Query examples for Threat Hunting

  azureazure-data-explorerazure-sentinelblueteamingkqlloganalyticssecuritysiemthreat-hunting
  210

• Viralmaniar / MurMurHash

  This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

  blueteamblueteamingcybersecurityinfosecmurmurhashmurmurhash3phishingphishing-detectionproactive-securitypurpleteamredteamredteamingsecurity-toolsthreat-intelligencethreathuntingthreatintelthreatintelligence
  Language:Python 117

• alt3kx / wafaray

  Enhance your malware detection with WAF + YARA (WAFARAY)

  blueteamblueteamingpentestingsecurity-toolsthreat-intelligencethreathuntingwafyarayara-rules
  Language:Shell 108

• simeononsecurity / Blue-Team-Tools

  A collection of scripts, tools. and configs for various OS'es and applications, all free and or open-source, to assist in impromptu Blue-Team defense under an active threat.

  blueteamblueteamingccdc
  Language:HTML 96

• DarkSpaceSecurity / DocEx

  APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files

  aptblackhatblueteamblueteamingblueteaming-toolshackingpurpleteampurpleteamingredteamredteam-toolsredteamingthreatactorswhitehat
  Language:C++ 93

• josh-morin / qradar

  Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.

  blue-teamblueteamblueteamingpython3qradarshell-scriptsiem
  Language:Python 81

• 5nacks / OSINTBookmarks

  OSINT Bookmarks for Firefox / Chrome / Edge / Safari

  osint-bookmarksosintosint-frameworkredteamredteamingcybersecurityblueteamblueteamingosint-reconnaissancecybersecurity-incidents
  Language:HTML 61

• DamonMohammadbagher / NativePayload_PE1

  NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing RWX to X or RX or (both) [Bypassing AVs]

  assemblybypass-antivirusinjectingblueteaminginmemorypentestingredteaminginjecting-meterpreter-payloadantivirusbypassbypassingpentestredteam
  Language:C# 58
• BlueTeam

  Hacking-Notes / BlueTeam

  This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.

  blueteamblueteamingcybersecurityemail-analysislog-analysismalware-analysispacket-capturesystem-hardening
  42

• Viralmaniar / DDWPasteRecon

  DDWPasteRecon tool will help you identify code leak, sensitive files, plaintext passwords, password hashes. It also allow member of SOC & Blue Team to gain situational awareness of the organisation's web exposure on the pastesites. It Utilises Google's indexing of pastesites to gain targeted intelligence of the organisation. Blue & SOC teams can collect and analyse data from these indexed pastesites to better protect against unknown threats.

  attacksurfaceblueteamblueteamingdarkwebdarkweb-hackingddwhacking-toolsiocspastesitesreconnaissanceredteamredteam-toolsredteamingsocthreat-huntingthreat-intelligencethreat-sharing
  Language:C# 38

• ForbiddenProgrammer / awesome-cybersecurity-news

  List of sources for cybersecurity news

  cybersecuritycyber-securitypentestingnewsblueteamingredteamingcybersecurity-blogcybersecurity-newsawesomeawesome-list
  36
• Yara-Repo

  Fadavvi / Yara-Repo

  A script to collect (the most famous) Yara rules from more than 150 free resources. Free alternative to: https://valhalla.nextron-systems.com/

  yarayara-rulesyara-signaturesyara-forensicsblueteamblueteamingthreat-huntingthreat-intelligencethreatintel
  Language:Shell 27

• alt3kx / wafparan01d3

  Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool

  blueteamblueteamingintegratorspentesterspentestingsecurity-toolsthreat-huntingthreat-intelligencewaf
  Language:Python 25

• atc-project / atc-mitigation

  Actionable analytics designed to combat threats based on MITRE's ATT&CK.

  mitre-attackmitreblueteamblueteamingsoccybersecurity
  22
• kathe

  avuko / kathe

  A GUI/REST interface to find similarities in large sets (think: binaries). Based on ssdeep.

  blueteamblueteamingssdeepredisscoremalware-analysismalware-researchmalware-detection
  Language:JavaScript 19

• DamonMohammadbagher / BEV4

  BasicEventViewer4 (BEV v4.0), this code will useful for All Blue/Purple Teams , RealTime Monitoring Sysmon Events , Mitre Attack Detections via yaml files

  blue-team-toolevent-monitoringeventviewerreal-timethreat-hunting-via-sysmonthreat-hunting-via-eventlogsatomic-red-teammitre-attackrealtime-monitoringblueteaming
  Language:C# 18

• brootware / flarevm-up

  Easy automated vagrant provisioning of Windows 10 with flarevm tools installed for Digital Forensics and Malware Analysis Lab.

  blueteamingctfctf-toolsdfir-automationdigital-forensicsforensics-toolsmalware-analysisreverse-engineeringvagrantvirtualboxwindows-10
  Language:HCL 16

• Cybonto / OllaDeck

  OllaDeck is a purple technology stack for Generative AI (text modality) cybersecurity. It provides a comprehensive set of tools for both blue team and red team operations in the context of text-based generative AI.

  blueteamingcybersecuritycybersecurity-toolsgenerative-aillm-evaluationllmsllmsecurityredteaming
  Language:Python 16

• ProtAAPP / wikiprot

  Repositorio de documentación y referencias relativas al mundo de la ciberseguridad, creado y mantenido por la Comunidad de ProtAAPP

  cybersecuritycyber-securityblueteamblueteamingwikicivil-servantshacking
  11

• bocajspear1 / Blueteam-Crash-Course

  Blue Team Crash Course

  blueteamblueteamingeducationcny-hackathon
  Language:HTML 7

• jstnk9 / MISP

  Here I'll store some scripts and other stuff related to MISP.

  blueteamingdfirmispthreat-huntingthreat-intelligence
  Language:Python 7

• avuko / sb

  Analysis of the Shadow Broker/ Equation Group dumps.

  blueteamingblueteam
  Language:Python 6
• EroSmb

  viktor02 / EroSmb

  Fast SMB network scanner

  smbnetworkscannerenumerationtoolpythonsecurityinfosecappsecpentestpentest-toolblueteamblueteamingredteamredteaming
  Language:Python 5
• paladin

  Zeerg / paladin

  A blueteam tool to simulate attacks using Atomic Red Team and other techniques.

  attackcybersecuritygolangblueteamingsecurityautomationmitre-attackmitre
  Language:Go 5

• Balzu / Security-Events-Explorer

  A user-friendly and powerful tool to analyze Windows Security Events

  active-directoryactive-directory-exploitationactive-directory-securityblueteamblueteamingevent-viewerlog-intelligencesocwindowswindows-securityactive-directory-authenticationcehcisspsecurity-analysissecurity-operationssecurity-toolswhite-hatwindows-local-exploitwindows-logon
  Language:JavaScript 4

• jkerai1 / VirusTotal-IP-powershell

  Triage an IP using powershell

  powershellvirustotalvirusipmalicious-ipsthreat-intelligenceapivirustotal-apiapi-restasncountrycountry-codesmaliciousblueteamblueteamingtriagesocincident-response
  Language:PowerShell 3

• avuko / lymph

  Generic Signature Format for System States

  blueteamblueteaming
  2

• DamonMohammadbagher / BEV3

  BasicEventViewer (BEV v3.0), this code will useful for All Blue Teamers.

  eventviewersecuritywindowseventviewerblueteamblueteamingthreat-hunting-via-sysmon
  Language:C# 2

• hack-with-ethics / Vulnerablity-Checker-NVD

  This Code is just lists the updated vulnerablities and cves in the version of some services like ftp,http and more

  beautifulsoup4hackingnational-vulnerability-databasenvdpythonrequestsvulnerability-scannerswebscrblueteaming
  Language:Python 2

• jonasw234 / systeminfo.py

  systeminfo command for offline system images

  blueteamingwindowsforensicsincident-response-tooling
  Language:Python 2

• RogueCyberSecurityChannel / PyCanary-Python-Canary-Token-Alternative

  PyCanary: CMD line tool to monitor any directory for file access or file changes, log event, send basic alert to user, and dump and process information collected. There is also a background thread monitoring all created processes and logging them for later analysis.

  antivirusblueteamblueteamingblueteaming-toolscanarycanary-tokenscyber-securitycybersecurityedrhuristicpythonthreat-huntingwindows-10windows-11loggingmultithreadingprocess-monitorblueteam-tools
  Language:Python 2