Trending repositories for topic blueteam
SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Rapidly Search and Hunt through Windows Forensic Artefacts
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.
Investigate malicious Windows logon by visualizing and analyzing Windows event log
One place for all the default credentials to assist Blue/Red teamers in finding devices with default passwords 🛡️
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Rapidly Search and Hunt through Windows Forensic Artefacts
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
HardeningKitty - Checks and hardens your Windows configuration
Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.
Investigate malicious Windows logon by visualizing and analyzing Windows event log
One place for all the default credentials to assist Blue/Red teamers in finding devices with default passwords 🛡️
SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Rapidly Search and Hunt through Windows Forensic Artefacts
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commercial versions available from NetSection)
One place for all the default credentials to assist Blue/Red teamers in finding devices with default passwords 🛡️
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Investigate malicious Windows logon by visualizing and analyzing Windows event log
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Rapidly Search and Hunt through Windows Forensic Artefacts
Hourly updated database of exploit and exploitation reports
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commercial versions available from NetSection)
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
HardeningKitty - Checks and hardens your Windows configuration
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commercial versions available from NetSection)
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
Rapidly Search and Hunt through Windows Forensic Artefacts
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
One place for all the default credentials to assist Blue/Red teamers in finding devices with default passwords 🛡️
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Investigate malicious Windows logon by visualizing and analyzing Windows event log
A collection of awesome security hardening guides, tools and other resources
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commercial versions available from NetSection)
A curated list of tools useful within the field of cyber security, for both blue and red team operations.
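SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
The TangGo testing platform is a domestically developed, comprehensive testing platform designed and built by 无糖信息技术有限公司, drawing on years of hands-on penetration testing experience. It gives software testers and network security practitioners powerful, easy-to-use testing tools and a multi-user collaborative working environment, and is mainly used for functional testing, security testing and security assessment of web sites.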
Purpleteam scripts simulation & Detection - trigger events for SOC detections
This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.
YARA detection rules for hunting with the threathunting-keywords project
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Awesome list of keywords and artifacts for Threat Hunting sessions
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
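The TangGo testing platform is a domestically developed, comprehensive testing platform designed and built by 无糖信息技术有限公司, drawing on years of hands-on penetration testing experience. It gives software testers and network security practitioners powerful, easy-to-use testing tools and a multi-user collaborative working environment, and is mainly used for functional testing, security testing and security assessment of web sites.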
Offline command line tool that searches for GTFOBins binaries that can be used to bypass local security restrictions in misconfigured systems.
SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
A collection of awesome security hardening guides, tools and other resources
One place for all the default credentials to assist Blue/Red teamers in finding devices with default passwords 🛡️
Rapidly Search and Hunt through Windows Forensic Artefacts
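A security knowledge framework maintained by the ffffffff0x team, covering (but not limited to) web security, industrial control system security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and write-ups for various target machines
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commercial versions available from NetSection)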
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
HardeningKitty - Checks and hardens your Windows configuration
YARA detection rules for hunting with the threathunting-keywords project
This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, log, malware, memory forensics, and packet analysis.
A curated list of tools and resources that I use daily as a Purple-Team operator.
This repository stores various roadmaps (mind maps) for bug bounty hunters, pentesters, offensive (red team), defensive (blue team) and other security professionals
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
The repository is a valuable resource for individuals looking to enhance their knowledge and skills in cybersecurity. It provides in-depth materials and guides for various cybersecurity domains.
Awesome list of keywords and artifacts for Threat Hunting sessions
SafeLine is a self-hosted WAF (Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Sigma detection rules for hunting with the threathunting-keywords project
Purpleteam scripts simulation & Detection - trigger events for SOC detections
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
🕵️‍♂️ Collect a dossier on a person by username from thousands of sites
Hourly updated database of exploit and exploitation reports
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commercial versions available from NetSection)