Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with blue-team
A curated list of projects in awesome lists tagged with blue-team.
https://github.com/trusted-ai/adversarial-robustness-toolbox
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
adversarial-attacks adversarial-examples adversarial-machine-learning ai artificial-intelligence attack blue-team evasion extraction inference machine-learning poisoning privacy python red-team trusted-ai trustworthy-ai
Last synced: 16 Dec 2024
https://github.com/Trusted-AI/adversarial-robustness-toolbox
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
adversarial-attacks adversarial-examples adversarial-machine-learning ai artificial-intelligence attack blue-team evasion extraction inference machine-learning poisoning privacy python red-team trusted-ai trustworthy-ai
Last synced: 28 Oct 2024
https://github.com/meitar/awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
awesome-list blue-team computer-security cybersecurity defensive-security infosec security
Last synced: 13 Oct 2024
https://github.com/a-poc/blueteam-tools
Tools and Techniques for Blue Team / Incident Response
blue-team blueteam cheatsheet cyber-security defender incident incident-response malware-analysis resources tools vulnerability-management wiki
Last synced: 19 Dec 2024
https://github.com/A-poc/BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
blue-team blueteam cheatsheet cyber-security defender incident incident-response malware-analysis resources tools vulnerability-management wiki
Last synced: 07 Nov 2024
https://github.com/cisagov/RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
blue-team cybersecurity red-team
Last synced: 30 Oct 2024
https://github.com/cisagov/redeye
RedEye is a visual analytic tool supporting Red & Blue Team operations
blue-team cybersecurity red-team
Last synced: 26 Sep 2024
https://github.com/bashfuscator/bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
bash blue-team evasion incident-response infosec linux linux-shell obfuscation red-team
Last synced: 21 Dec 2024
https://github.com/Bashfuscator/Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
bash blue-team evasion incident-response infosec linux linux-shell obfuscation red-team
Last synced: 21 Nov 2024
https://github.com/mytechnotalent/hacking-windows
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
assembler assembly blue-team cplusplus cpp cyber cyber-threat-intelligence cybersecurity hack hacking ida ida-pro idapro microsoft-windows reverse-engineering training training-material training-materials win32api windows
Last synced: 17 Dec 2024
https://github.com/mytechnotalent/Hacking-Windows
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
assembler assembly blue-team cplusplus cpp cyber cyber-threat-intelligence cybersecurity hack hacking ida ida-pro idapro microsoft-windows reverse-engineering training training-material training-materials win32api windows
Last synced: 31 Oct 2024
https://github.com/Qianlitp/WatchAD
AD Security Intrusion Detection System
active-directory blue-team defcon27 event-log intrusion-detection-system kerberos ntlm python3 security watchad
Last synced: 03 Nov 2024
https://github.com/qianlitp/watchad
AD Security Intrusion Detection System
active-directory blue-team defcon27 event-log intrusion-detection-system kerberos ntlm python3 security watchad
Last synced: 25 Sep 2024
https://github.com/viralmaniar/bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming
Last synced: 16 Dec 2024
https://github.com/ion28/bluespawn
An Active Defense and EDR software to empower Blue Teams
active-defense anti-virus blue-team edr mitre-attack security security-tools threat-hunting windows
Last synced: 15 Dec 2024
https://github.com/Viralmaniar/BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
blue-team bugbounty bugbounty-tool bugbountytips cybersecurity offensive-security osint pentest-tool pentesting purple-team purple-teams recon reconnaissance red-team red-teaming
Last synced: 21 Nov 2024
https://github.com/ION28/BLUESPAWN
An Active Defense and EDR software to empower Blue Teams
active-defense anti-virus blue-team edr mitre-attack security security-tools threat-hunting windows
Last synced: 01 Nov 2024
https://github.com/netevert/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
azure azure-sentinel blue-team cybersecurity detection kql logging mitre-attack security-tools siem sysmon sysmon-config terraform-azure threat-hunting workbooks
Last synced: 15 Dec 2024
https://github.com/TryCatchHCF/DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
automation blue-team blue-teams hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting red-team red-teams security security-tools
Last synced: 30 Oct 2024
https://github.com/atenreiro/opensquat
openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legitimate domains and brands.
blue-team cybersecurity cybersquatting domain-name domain-squatting homograph-attack infosec malware osint phishing phishing-detection phishing-domains python scanner security-tools threat-hunting threat-intelligence typosquatting
Last synced: 21 Nov 2024
https://github.com/awslabs/aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
aws blue-team incident-response-tooling purple-team red-teaming security security-audit
Last synced: 05 Nov 2024
https://github.com/dolevf/graphql-cop
Security Auditor Utility for GraphQL APIs
auditing blue-team graphql hacking hardening penetration-testing red-team security
Last synced: 15 Dec 2024
https://github.com/codeexpress/respounder
Respounder detects presence of responder in the network.
attack-defense attack-prevention blue-team computer-security golang hackers llmnr network-security network-security-monitoring responder
Last synced: 13 Nov 2024
https://github.com/PaperMtn/slack-watchman
Slack enumeration and exposed secrets detection tool
blue-team blueteam cybersecurity infosec monitoring purple-team purpleteam red-team redteam slack slack-api slack-workspaces tools
Last synced: 18 Nov 2024
https://github.com/papermtn/slack-watchman
Slack enumeration and exposed secrets detection tool
blue-team blueteam cybersecurity infosec monitoring purple-team purpleteam red-team redteam slack slack-api slack-workspaces tools
Last synced: 20 Dec 2024
https://github.com/activecm/rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
anomaly-detection beacons blue-team c2 c2-detection command-and-control cyber-security incident-response intrusion-detection log-analysis network-monitoring network-traffic-analysis security-tools threat-hunting threat-intelligence zeek
Last synced: 18 Dec 2024
https://github.com/viralmaniar/remote-desktop-caching-
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow a Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. A Blue Team member can reconstruct the PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host, collect evidence and perform further analysis.
blue-team blueteam forensic-analysis forensics forensics-investigations hacking hacking-attack-tools hacking-tools infrastructure-monitoring internal-pentest penetration-testing purpleteam redteam redteaming
Last synced: 10 Nov 2024
https://github.com/papermtn/gitlab-watchman
Finding exposed secrets and personal data in GitLab
blue-team blueteam cybersecurity data-loss-prevention dlp gitlab gitlab-api gitlab-watchman infosec monitoring purple-team purpleteam red-team redteam tools
Last synced: 15 Dec 2024
https://github.com/PaperMtn/gitlab-watchman
Finding exposed secrets and personal data in GitLab
blue-team blueteam cybersecurity data-loss-prevention dlp gitlab gitlab-api gitlab-watchman infosec monitoring purple-team purpleteam red-team redteam tools
Last synced: 08 Nov 2024
https://github.com/softrams/bulwark
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
angular application-security appsec blue-team bugbounty express nodejs penetration-testing-tools pentesting red-team security-tool security-tools typeorm typescript vulnerability-assessment vulnerability-management vulnerability-report vulnerability-research webappsec
Last synced: 21 Nov 2024
https://github.com/elastic/dorothy
Dorothy is a tool to test security monitoring and detection for Okta environments
blue-team cybersecurity infosec red-team security security-tools
Last synced: 17 Dec 2024
https://github.com/PI-Defender/pi-defender
Kernel security driver used to block past, current and future process injection techniques on the Windows operating system.
anti-injection anti-malware antivirus blue-team defense driver kernel malware process-injection security windows
Last synced: 09 Nov 2024
https://github.com/pbnj/infosec-interview-questions
🗒️ A [work-in-progress] collection for interview questions for Information Security roles
application-security blue-team information-security infosec interview questions red-team
Last synced: 18 Nov 2024
https://github.com/iknowjason/BlueCloud
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
blue-team cyber-range cyberrange dfir dfir-automation edr-testing pentesting purpleteam
Last synced: 18 Nov 2024
https://github.com/iknowjason/bluecloud
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
blue-team cyber-range cyberrange dfir dfir-automation edr-testing pentesting purpleteam
Last synced: 13 Nov 2024
https://github.com/fierceoj/ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
blue-team exploits information-gathering malware-detection malware-identification penetration-testing pentesting pre-configure purple-team reconnaissance red-team scanning security-research security-tools shodan shodan-api shodan-python shonydanza vulnerability-detection vulnerability-identification
Last synced: 21 Nov 2024
https://github.com/sensepost/notruler
The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
blue-team security-audit security-tools
Last synced: 09 Nov 2024
https://github.com/paulveillard/cybersecurity-red-team
An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Red Team (Offensive) in Cybersecurity.
blue-team cybersecurity penetration-resistance-modeling penetration-testing red-team red-teaming red-teams security-tools security-vulnerability-assessment technical-analysis threat-intelligence threat-modeling
Last synced: 07 Dec 2024
https://github.com/tobor88/PowerShell-Blue-Team
Collection of PowerShell functions and scripts a Blue Teamer might use
blue-team blue-teams blueteam cve cve-search defense dns-over-https doh powershell powershell-blue-team
Last synced: 01 Nov 2024
https://github.com/papermtn/github-watchman
Monitoring GitHub for sensitive data shared publicly
blue-team blueteam cybersecurity data-loss-prevention dlp github github-api infosec monitoring purple-team purpleteam red-team redteam tools
Last synced: 19 Nov 2024
https://github.com/PaperMtn/github-watchman
Monitoring GitHub for sensitive data shared publicly
blue-team blueteam cybersecurity data-loss-prevention dlp github github-api infosec monitoring purple-team purpleteam red-team redteam tools
Last synced: 19 Nov 2024
https://github.com/chaitin/mimicry
Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
backdoor blue-team brute-force deception honeypot incident-response security security-tools waf webshell
Last synced: 05 Nov 2024
https://github.com/edoardottt/depsdev
CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
blue-team cargo defensive-security dependency dependency-management dependency-scanning dependency-security go go-module golang-module hacktoberfest maven npm npm-module nuget package-security pypi sbom sbom-generator security
Last synced: 27 Oct 2024
https://github.com/damonmohammadbagher/etwnetmonv3
ETWNetMonv3 is simple C# code for monitoring TCP network connections via ETW, and ETWProcessMon/2 monitors process/thread/memory/image-load/TCPIP events via ETW, with detection of remote thread injection and payload detection via VirtualMemAlloc events (in-memory), etc.
blue-team blueteam csharp-code defensive defensivetool detection etw etw-monitoring-threads meterpreter networkmonitor tcpv4 tcpview threat-hunting
Last synced: 12 Oct 2024
https://github.com/beyarz/portforge
Lightweight utility to fool port scanners
blue-team defense port-scan port-scanner port-scanning protection reconnaissance
Last synced: 27 Oct 2024
https://github.com/Beyarz/Portforge
Lightweight utility to fool port scanners
blue-team defense port-scan port-scanner port-scanning protection reconnaissance
Last synced: 31 Oct 2024
https://github.com/0xlane/pe-sign
A cross-platform rust no-std library for verifying and extracting signature information from PE files.
blue-team certificate openssl portable-executable rust signature
Last synced: 17 Dec 2024
https://github.com/edoardottt/boggart
Highly customizable low-interaction experimental honeypot that mimics specific hosts.
attack-detection blue-team brute-force cyber-defense defense defensive-security dos-attack hacktoberfest honeypot honeypot-http honeypots log-analysis network network-analysis network-security network-security-monitoring security security-tools web-security
Last synced: 27 Oct 2024
https://github.com/papermtn/slack-watchman-enterprise-grid
Monitoring your Slack Enterprise Grid for sensitive information
blue-team blueteam cybersecurity dlp infosec monitoring purple-team purpleteam red-team redteam security slack slack-api slack-enterprise-grid tools
Last synced: 19 Nov 2024
https://github.com/alexfrancow/isoc
:bar_chart: Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.
blue-team bugbounty bugbounty-tool cybersecurity docker docker-compose elasticsearch elk kibana mongodb openvas python3 red-team security-operations siem vulnerability-detection w3af zabbix
Last synced: 20 Nov 2024
https://github.com/whoamins/SPN-Honeypot
Example of Kerberoasting Honeypot
active-directory blue-team cybersecurity kerberoasting kerberos powershell security windows
Last synced: 21 Nov 2024
https://github.com/hupe1980/awsrecon
Tool for reconnaissance of AWS cloud environments
audit aws aws-security blue-team cloud-security cybersecurity pentesting-tools reconnaissance red-team
Last synced: 07 Dec 2024
https://github.com/iteratec/kcwarden
Keycloak Configuration Auditor
blue-team keycloak oauth2 oidc red-team security-scanner
Last synced: 09 Nov 2024
https://github.com/hupe1980/scan4log4shell
Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system
auth blue-team cve-2021-44228 cve-2021-45046 cve-2021-45105 dns form-detection fuzzing log4j log4shell rce red-team scanner vulnerability waf-bypass
Last synced: 07 Dec 2024
https://github.com/paulveillard/cybersecurity-blue-team
A collection of awesome software, libraries, learning tutorials, documents and books, technical resources and cool stuff about Blue Team in Cybersecurity.
blue blue-team cyber-threat-intelligence cybernetics cybersecurity vulnerabilities vulnerability-identification vulnerability-management vulnerability-research vulnerability-scanners vulnerability-scanning
Last synced: 07 Dec 2024
https://github.com/arthepsy/linux-portable-bin
Portable (static / old glibc linked) Linux binaries for red-team / blue-team
binaries blue-team ctf glibc linux pentesting portable red-team static
Last synced: 12 Nov 2024
https://github.com/anlominus/anyteam
AnyTeam - Red Team | Purple Team | Blue Team
anyteam blue-team purple-team red-team
Last synced: 03 Dec 2024
https://github.com/codexlynx/osquery-graphene
OSQuery GraphQL web service.
blue-team graphql incident-response osquery security
Last synced: 10 Nov 2024
https://github.com/leboncoin/patrowl-slack-reporter
This tool gets the last assets found on PatrOwl, scans them and reports them on Slack
Last synced: 16 Nov 2024
https://github.com/crimsonlabs-io/Cache
An arms cache for security consultants, red teams and penetration testers. Sometimes for defenders too.
blue-team hacking penetration-test post-exploitation red-team security-consultants security-tools
Last synced: 21 Nov 2024
https://github.com/idrinth/1984
A small tool to remotely track bash histories
bash-history blue-team linux-app logging monitoring remote restful root surveillance
Last synced: 25 Oct 2024
https://github.com/ishanoshada/lfi
A side note about LFI and Leaking the php source of some sites
blue-team cyber-security cybersecurity lfi owasp web-attack
Last synced: 06 Nov 2024
https://github.com/jupyterj0nes/sabonis
Sabonis, a Digital Forensics and Incident Response pivoting tool
blue-team dfir dfir-automation digital-forensics incident-response
Last synced: 23 Nov 2024
https://github.com/0xflux/sanctum
Sanctum is a proof-of-concept EDR like tool, designed to detect modern malware techniques, above and beyond the capabilities of antivirus. Built in Rust.
antivirus antivirus-software blue-team cyber-security driver edr kernel-driver malware-analysis malware-research red-team rust rust-driver rust-edr rust-windows rust-windows-driver tauri tauri-app windows-driver windows-rust
Last synced: 05 Nov 2024
https://github.com/codexlynx/envoy-filter-log4shell
:syringe: Pluggable Envoy WebAssembly L7 (HTTP) firewall to prevent log4shell vulnerability injections.
blue-team cve-2021-44228 envoy istio log4shell waf wasm webassembly
Last synced: 10 Nov 2024
https://github.com/dmdhrumilmistry/breach-check
Python tool which checks for data breaches for provided emails
blue-team breach-check breaches dmdhrumilmistry hacking hacking-tool recon-tool reconnaissance
Last synced: 15 Dec 2024
https://github.com/0x48piraj/wapparalyser
Fuzzing and fooling Wappalyzer. Released at BSides Delhi 2019.
blue-team research-tool security tool
Last synced: 10 Nov 2024
https://github.com/0xdeafbeef/maxpatrolparser
MaxPatrol 8 xml parser
blue-team maxpatrol mp8 positve-technologies pt vulnerability-management
Last synced: 25 Nov 2024
https://github.com/fluggo/investigator
Elasticsearch-based log search and wiki application
active-directory blue-team elasticsearch ldap log-search logging netflow security-tools syslog wiki windows-eventlog
Last synced: 27 Nov 2024
https://github.com/edoardottt/rfdos-scanner
Response Filter Denial of Service (RFDoS) Experimental Scanner
blue-team defensive-security denial-of-service dos hacking nuclei nuclei-templates offensive offensive-security red-team-tools red-teaming red-teaming-tools research-project rfdos waf
Last synced: 11 Nov 2024
https://github.com/hupe1980/fakedns
Tiny DNS proxy for Penetration Testers and Malware Analysts
blue-team dns dns-server fakedns proxy rebind red-team resolver round-robin
Last synced: 17 Dec 2024
https://github.com/vvv-keys/keyshardenedencrypter
Credit @Anonymous ~ | H-A-D-C-P | [Read.ME ]
anonymous blue-team computer-science computer-vision computerscience cyber-security cybersecurity educational enlightenment learning learningprocesses ops project technology technology-management tools
Last synced: 23 Nov 2024
https://github.com/juanse77/fake-new-domains
Fake domains inspector
antiphishing blue-team fake-domains phishing
Last synced: 12 Nov 2024
https://github.com/awais922609/lets-defend-solutions
The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 months ago. These answers can be used by others who want to learn and practice their skills in cybersecurity.
blue-team incident-handling incident-response lets-defend security-operations-center siem
Last synced: 10 Dec 2024
https://github.com/txuswashere/blueteam
Blue Team resources and tools
blue-team blue-teaming blue-teaming-tools blue-teams blueteam blueteam-tools blueteaming
Last synced: 03 Dec 2024
https://github.com/mauricelambert/system32renamebackdoor
This repository implements a check on System32 executable files to detect backdoor by renamed file
backdoor blue-team cmd detection forensics incident-response investigation soc
Last synced: 14 Nov 2024
https://github.com/codexlynx/iocs
Threat Intelligence & Indicators of Compromise repository.
blue-team indicators-of-compromise iocs threat-intelligence
Last synced: 10 Nov 2024
https://github.com/papermtn/stack-overflow-watchman
Monitoring Stack Overflow Enterprise for exposed secrets
blue-team blueteam cybersecurity infosec monitoring purple-team purpleteam red-team redteam stackoverflow watchman
Last synced: 19 Nov 2024
https://github.com/vm32/firewall-rule-management-script
Bash script aids in the effective management of firewall rules
blue-team cyber-security firewall firewall-rules security
Last synced: 15 Nov 2024