#
blueteam
Here are 66 public repositories matching this topic...
An Information Security Reference That Doesn't Suck
windows
linux
osx
reverse-engineering
hacking
forensics
penetration-testing
infosec
pentesting
references
information-security
privilege-escalation
exfiltration
infosec-reference
red-team
blueteam
hacking-simulator
privilege-escalation-exploits
mitre-attack-db
-
Updated
May 26, 2020
Curated list of Unix binaries that can be exploited to bypass system security restrictions
linux
unix
reverse-shell
binaries
post-exploitation
bypass
exfiltration
blueteam
redteam
bind-shell
gtfobins
-
Updated
May 25, 2020 - HTML
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
-
Updated
May 14, 2020 - XSLT
Investigate malicious Windows logon by visualizing and analyzing Windows event log
-
Updated
May 7, 2020 - JavaScript
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
-
Updated
Dec 10, 2018 - XSLT
ethack
commented
Dec 20, 2019
Besides incoming blacklisted connections, external to internal traffic isn't super useful in any of our analysis modules. And incoming blacklisted connections is of questionable usefulness as well since the things that normally scan everything on the internet will also normally end up on blacklists. We're not trying to detect someone attacking coming in. We're trying to detect already compromised
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
-
Updated
May 22, 2020 - Python
Scan your code for security misconfiguration, search for passwords and secrets. 🔍
-
Updated
May 1, 2020 - JavaScript
-
Updated
Feb 1, 2020 - Python
chron0x
commented
Apr 10, 2020
I am a bit unsure if my config is correct.
When I start bXSS I get: bXSS listening on port undefined
- Should I also comment out
config.github = {};if I don't want to use it? - Should I change
config.url = process.env.url || 'mydoamin.com';toconfig.url = 'mydoamin.com';? - Do the pahts for letsencrypt need ticks, such as `config.letsEncrypt.publicKey = '/etc/letsencrypt/li
Open
Add Docker support
This repository contains full code examples from the book Gray Hat C#
c-sharp
security
automation
xamarin
dotnet
mono
clamav
sql-injection
pentesting
fuzzer
nessus
openvas
sqlmap
payload
arachni
nexpose
cuckoo-sandbox
metasploit
blueteam
redteam
-
Updated
Jul 21, 2017 - C#
Test Blue Team detections without running any attack.
-
Updated
Apr 29, 2020 - C#
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
hacking
forensics
penetration-testing
infrastructure-monitoring
forensic-analysis
blueteam
hacking-attack-tools
internal-pentest
redteaming
blue-team
redteam
hacking-tools
purpleteam
forensics-investigations
-
Updated
Aug 4, 2018 - Python
Bloodhound for Blue and Purple Teams
directory
active-directory
bloodhound
active
infosec
blueteam
purpleteam
bloodhoundad
bloodhoundad-cypher-queries
purple-teams
plumhound-tasks
-
Updated
Jun 1, 2020 - HTML
A Solution For Cross-Platform Obfuscated Commands Detection
-
Updated
Aug 21, 2019
Monitoring your Slack workspaces for sensitive information
slack
tools
monitoring
cybersecurity
infosec
slack-api
red-team
blueteam
blue-team
redteam
purpleteam
purple-team
slack-workspaces
-
Updated
Jun 2, 2020 - Python
Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
-
Updated
Jan 17, 2020 - Shell
A collection of scripts I've written to help red and blue teams with malware persistence techniques.
-
Updated
May 30, 2018 - PowerShell
A PowerShell module to deploy active directory decoy objects.
-
Updated
Nov 17, 2019 - PowerShell
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically generate a userlist from the domain which excludes accounts that are expired, disabled locked out, or within 1 lockout attempt.
-
Updated
Mar 13, 2020 - PowerShell
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
-
Updated
Jul 25, 2019 - PowerShell
Search for Unix binaries that can be exploited to bypass system security restrictions.
python
linux
reverse-shell
binary
post-exploitation
bypass
privilege-escalation
exfiltration
blueteam
gtfo
security-tools
oscp
redteam
bind-shell
gtfobins
unix-binaries
-
Updated
May 25, 2020 - Python
openSquat is an opensource Intelligence (OSINT) R&D project to identify cyber squatting threats to specific companies or domains, such as domain squatting, typo squatting, IDN homograph attacks, phishing and scams.
python
osint
phishing
domains
cybersecurity
domain-squat
typosquatting
blueteam
security-tools
threat-intelligence
homograph-attack
doppelganger
squatting
phishing-detection
cybersquatting
typo-squatting
domain-squatting
opensource-intelligence
idn-homograph-attacks
homograph-detection
-
Updated
May 27, 2020 - Python
Windows Hardening settings and configurations
windows
checklist
security
registry
powershell
audit
windows-10
hardening
defense
blueteam
windows-hardening
policy-analyzer
-
Updated
Jun 1, 2020 - PowerShell
A Lambda-powered Security Orchestration framework for AWS GuardDuty
aws
cloud
aws-lambda
incident-response
cybersecurity
siem
threatintel
aws-security
blueteam
cloudsecurity
soar
aws-guardduty
-
Updated
Dec 15, 2019 - Python
This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
auditing
osint
incident-response
forensics
steganography
pentesting
compliance
malware-analysis
information-security
blueteam
redteam
-
Updated
Mar 15, 2020 - HTML
Improve this page
Add a description, image, and links to the blueteam topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the blueteam topic, visit your repo's landing page and select "manage topics."
Some modules and functions throughout the code base have little to no docstring, this should change!