Trending repositories for topic blueteam
SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
One place for all the default credentials to assist Blue/Red teamers' activities in finding devices with default passwords 🛡️
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Awesome list of keywords and artifacts for Threat Hunting sessions
A security knowledge framework maintained by the ffffffff0x team, covering (but not limited to) web security, ICS security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and writeups for various practice machines.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 ...
HardeningKitty - Checks and hardens your Windows configuration
The goal of this repository is to document the most common techniques to bypass AppLocker.
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Investigate malicious Windows logon by visualizing and analyzing Windows event log
BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.
The repository is a valuable resource for individuals looking to enhance their knowledge and skills in cybersecurity. It provides in-depth materials and guides for various cybersecurity domains.
Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
Attack Graph Visualizer and Explorer (Active Directory) ...Who's *really* Domain Admin?
A collection of awesome security hardening guides, tools and other resources
Rapidly Search and Hunt through Windows Forensic Artefacts
A tool that shows detailed information about named pipes in Windows
Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
ClatsCracker is a versatile Python password-cracking tool supporting over 15 hash algorithms. It offers dictionary or brute-force attacks, adjustable threads, salted hash verification, a user-friendly...
Offline command line tool that searches for GTFOBins binaries that can be used to bypass local security restrictions in misconfigured systems.
yara detection rules for hunting with the threathunting-keywords project
Purpleteam scripts simulation & Detection - trigger events for SOC detections
This repository stores various roadmaps (mind maps) for bug bounty hunters, pentesters, offensive (red team), defensive (blue team) and other security professionals
Sigma detection rules for hunting with the threathunting-keywords project
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
A curated list of tools and resources that I use daily as a Purple-Team operator.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
TangGo is a domestically developed (Chinese) comprehensive testing platform designed and built by 无糖信息技术有限公司 from years of hands-on penetration testing experience. It gives software testers and network security practitioners powerful, easy-to-use testing tools and a multi-user collaborative working environment, and is mainly used for functional testing, security testing and security assessment of web sites.
This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.
Generates logs of typical formats that would often be found in a SOC.
Hourly updated database of exploit and exploitation reports