Topic: blue-team Goto Github

👇 Here are 163 public repositories matching this topic...

a-poc / blueteam-tools
blue-team,Tools and Techniques for Blue Team / Incident Response
User: a-poc
blue-team blueteam cheatsheet incident-response malware-analysis tools vulnerability-management wiki incident resources

activecm / rita
blue-team,Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Organization: activecm
Home Page: https://www.activecountermeasures.com/free-tools/rita/
beacons blue-team c2 command-and-control cyber-security network-traffic-analysis threat-hunting zeek log-analysis anomaly-detection

advdebug / nomorecookies
blue-team,Browser Protector against various stealers, written in C# & C/C++.
User: advdebug
antivirus blue-team browser hooking protection rat stealer anti-stealer backdoor hook

aryanguenthner / 365
blue-team,BlueTeam, RedTeam, Bug bounty, OSINT, Threat Hunting, Network and Web Recon, Discovery, Enumeration, Vulnerability Mapping, Exploitation, Reporting, Darkweb, Deepweb, Research
User: aryanguenthner
attack-surface-management pentesting-tools red-team blue-team reconnaissance cybersecurity penetration-testing

astrosp / awesome-osint-for-everything
blue-team,OSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.
User: astrosp
Home Page: https://astrosp.github.io/osint-tools/
information-gathering osint security-tools web bugbounty recon reconnaissance osint-tools osinttool blue-team

atenreiro / opensquat
blue-team,The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
User: atenreiro
Home Page: https://opensquat.com
threat-intelligence typosquatting cybersquatting phishing-detection phishing osint security-tools domain-squatting threat-hunting phishing-domains

awslabs / assisted-log-enabler-for-aws
blue-team,Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
Organization: awslabs
incident-response blue-team logging security-tools aws flow-logs

awslabs / aws-cloudsaga
blue-team,AWS CloudSaga - Simulate security events in AWS
Organization: awslabs
aws security security-audit red-teaming blue-team purple-team incident-response-tooling

bashfuscator / bashfuscator
blue-team,A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Organization: bashfuscator
Home Page: https://bashfuscator.readthedocs.io/en/latest/index.html
bash linux linux-shell obfuscation red-team blue-team evasion incident-response infosec

chaitin / mimicry
blue-team,Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
Organization: chaitin
backdoor blue-team brute-force deception honeypot incident-response security security-tools waf webshell

cisagov / redeye
blue-team,RedEye is a visual analytic tool supporting Red & Blue Team operations
Organization: cisagov
Home Page: https://cisagov.github.io/RedEye/
blue-team cybersecurity red-team

codeexpress / respounder
blue-team,Respounder detects presence of responder in the network.
User: codeexpress
responder golang network-security-monitoring network-security hackers llmnr computer-security blue-team attack-prevention attack-defense

damonmohammadbagher / etwnetmonv3
blue-team,ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
User: damonmohammadbagher
csharp-code etw etw-monitoring-threads blue-team threat-hunting tcpv4 tcpview networkmonitor meterpreter detection

decalage2 / awesome-security-hardening
blue-team,A collection of awesome security hardening guides, tools and other resources
User: decalage2
awesome-list security security-hardening security-tools windows-hardening cybersecurity cyber-security infosec best-practices cis-benchmarks

dolevf / graphql-cop
blue-team,Security Auditor Utility for GraphQL APIs
User: dolevf
auditing blue-team graphql hacking hardening penetration-testing red-team security

edoardottt / depsdev
blue-team,CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
User: edoardottt
Home Page: https://deps.dev
cargo dependency dependency-management dependency-scanning dependency-security go maven npm nuget package-security

elastic / dorothy
blue-team,Dorothy is a tool to test security monitoring and detection for Okta environments
Organization: elastic
security cybersecurity blue-team security-tools red-team infosec

fabacab / awesome-cybersecurity-blueteam
blue-team,:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
User: fabacab
awesome-list cybersecurity blue-team defensive-security security infosec computer-security

fierceoj / shonydanza
blue-team,A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
User: fierceoj
shodan shodan-api shodan-python reconnaissance red-team blue-team purple-team scanning information-gathering shonydanza

iknowjason / bluecloud
blue-team,Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
User: iknowjason
Home Page: https://blue.iknowjason.io
cyberrange cyber-range edr-testing pentesting blue-team dfir-automation dfir purpleteam

ion28 / bluespawn
blue-team,An Active Defense and EDR software to empower Blue Teams
User: ion28
active-defense windows security security-tools blue-team mitre-attack anti-virus edr threat-hunting

joeavanzato / trawler
blue-team,PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.
User: joeavanzato
dfir powershell blue-team incident-response malware persistence windows

josh-morin / qradar
blue-team,Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
User: josh-morin
blue-team blueteam blueteaming python3 qradar shell-script siem

kc7-foundation / kc7
blue-team,A cybersecurity game in Azure Data Explorer
Organization: kc7-foundation
Home Page: https://kc7cyber.com
cybersecurity education blue-team cyber-defense incident-response threat-intelligence python

kirtar22 / litmus_test
blue-team,Detecting ATT&CK techniques & tactics for Linux
User: kirtar22
mitre-attack threathunting linux-hunting incident-response security-operations defensive-security blue-team red-team

m507 / blueducky
blue-team,A blue-team tool, creates a list of USB-Rubber-Ducky instructions.
User: m507
blue-team defensive-security incident-response rubber-ducky-usb powershell bash

mytechnotalent / hacking-windows
blue-team,A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
User: mytechnotalent
hacking windows assembly assembler cpp cplusplus ida ida-pro idapro reverse-engineering

mytechnotalent / turbo-scanner
blue-team,A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts IP or FQDN with the sole purpose of testing your own network to ensure there are no malicious services running.
User: mytechnotalent
go golang ukraine russian tor tcp tcp-scanner port-scanner portscanner russia

netevert / sentinel-attack
blue-team,Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
User: netevert
siem threat-hunting azure-sentinel mitre-attack sysmon sysmon-config azure blue-team cybersecurity logging

oppsec / juumla
blue-team,🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and sensitive files
User: oppsec
Home Page: https://www.joomla.org
joomla scanner pentest tool red-team blue-team infosec docker python hacktoberfest

papermtn / github-watchman
blue-team,Monitoring GitHub for sensitive data shared publicly
User: papermtn
blueteam blue-team cybersecurity infosec github tools redteam red-team purpleteam purple-team

papermtn / gitlab-watchman
blue-team,Finding exposed secrets and personal data in GitLab
User: papermtn
blueteam blue-team cybersecurity infosec gitlab tools redteam red-team gitlab-watchman purpleteam purple-team gitlab-api monitoring dlp data-loss-prevention

papermtn / slack-watchman
blue-team,Slack enumeration and exposed secrets detection tool
User: papermtn
blueteam blue-team cybersecurity infosec slack tools redteam red-team purpleteam purple-team

paulveillard / cybersecurity-red-team
blue-team,An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Red Team (Offensive) in Cybersecurity.
User: paulveillard
red-team red-teaming blue-team red-teams cybersecurity security-tools security-vulnerability-assessment technical-analysis penetration-testing penetration-resistance-modeling

pbnj / infosec-interview-questions
blue-team,🗒️ A [work-in-progress] collection for interview questions for Information Security roles
User: pbnj
infosec interview questions information-security application-security red-team blue-team

pentesteracademy / linux-rootkits-red-blue-teams
blue-team,Linux Rootkits (4.x Kernel)
Organization: pentesteracademy
Home Page: http://PentesterAcademy.com/course?id=38
linux rootkit iot hacking security pentesting red-team blue-team

pi-defender / pi-defender
blue-team,Kernel Security driver used to block past, current and future process injection techniques on Windows Operating System.
Organization: pi-defender
Home Page: https://pi-defender.github.io/
driver kernel malware process-injection security windows antivirus anti-malware blue-team defense

puliczek / awesome-list-of-secrets-in-environment-variables
blue-team,🦄🔒 Awesome list of secrets in environment variables 🖥️
User: puliczek
blue-team bugbounttips bugbounty cve-2021-44228 cybersecurity exploit log4j pentesting poc red-team security security-writeups writeups

qianlitp / watchad
blue-team,AD Security Intrusion Detection System
User: qianlitp
security active-directory python3 defcon27 intrusion-detection-system kerberos event-log ntlm blue-team watchad

rushyo / vindicatetool
blue-team,LLMNR/NBNS/mDNS Spoofing Detection Toolkit
User: rushyo
blue-team detection dotnet honeypot infosec inveigh llmnr mdns nbn netbios netbiosns responder security spoofing wpad

satan1a / awesome-cybersecurity-blueteam-cn
blue-team,网络安全 · 攻防对抗 · 蓝队清单，中文版
User: satan1a
Home Page: https://blue.y1ng.org
attack-defense awesome blue-team chinese-translation cybersecurity

sensepost / notruler
blue-team,The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
Organization: sensepost
blue-team security-tools security-audit

softrams / bulwark
blue-team,An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Organization: softrams
security-tools vulnerability-management angular typeorm typescript nodejs express webappsec appsec application-security

stuub / squatsquasher
blue-team,Discovering Typo Squatting on your domains!
User: stuub
blue-team cybersecurity infosec infosectools osint stuub

tobor88 / powershell-blue-team
blue-team,Collection of PowerShell functinos and scripts a Blue Teamer might use
User: tobor88
powershell powershell-blue-team blueteam blue-team blue-teams cve-search cve defense dns-over-https doh

trusted-ai / adversarial-robustness-toolbox
blue-team,Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
Organization: trusted-ai
Home Page: https://adversarial-robustness-toolbox.readthedocs.io/en/latest/
python attack adversarial-machine-learning poisoning trusted-ai artificial-intelligence extraction adversarial-attacks adversarial-examples evasion inference privacy ai trustworthy-ai red-team blue-team machine-learning

trycatchhcf / dumpsterfire
blue-team,"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
User: trycatchhcf
automation blue-team blue-teams hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting red-team red-teams security security-tools

viralmaniar / bigbountyrecon
blue-team,BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
User: viralmaniar
blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming

viralmaniar / remote-desktop-caching-
blue-team,This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
User: viralmaniar
blueteam redteam hacking internal-pentest penetration-testing redteaming forensics forensics-investigations forensic-analysis infrastructure-monitoring

zeromemoryex / handle-ripper
blue-team,Windows handle hijacker
User: zeromemoryex
blue-team bypass-av red-team win32 windows evasion-attack malware-development malware-research handle-hijacking