There are 16 repositories under the purpleteam topic.
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
The goal of this repository is to document the most common techniques to bypass AppLocker.
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset to detect APT movements hidden in the sea of Windows event logs and to decrease the time needed to uncover suspicious activity.
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Hunting queries and detections
Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
Purple Team Exercise Framework
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
Slack enumeration and exposed secrets detection tool
Atomic Purple Team Framework and Lifecycle
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow a Red Team member to extract juicy information such as LAPS passwords or any other sensitive information shown on the screen. A Blue Team member can reconstruct the PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host, collect evidence and perform further analysis.
Security lists for SOC detections
Finding exposed secrets and personal data in GitLab
ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Purple Teaming Attack & Hunt Lab - Terraform
Purpleteam scripts simulation & Detection - trigger events for SOC detections
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
CLI component of OWASP PurpleTeam
This little tool calculates the MurmurHash value of a favicon to hunt for phishing websites on the Shodan platform.
This page is the result of ongoing hands-on research into advanced Linux attack, detection and forensics techniques and tools.
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Provides various Windows Server Active Directory (AD) security-focused reports.
Gather information from an email address connected to Office 365
Monitoring GitHub for sensitive data shared publicly
Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"