blue-team

Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

A collection of awesome security hardening guides, tools and other resources

An Active Defense and EDR software to empower Blue Teams

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

🦄🔒 Awesome list of secrets in environment variables 🖥️

Respounder detects presence of responder in the network.

网络安全 · 攻防对抗 · 蓝队清单，中文版

AWS CloudSaga - Simulate security events in AWS

Detecting ATT&CK techniques & tactics for Linux

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Monitoring your Slack workspaces for sensitive information

Monitoring GitLab for sensitive data shared publicly

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Security Auditor Utility for GraphQL APIs

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config files.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

Dorothy is a tool to test security monitoring and detection for Okta environments

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts's ip or fqdn with the sole purpose of testing your own network to ensure there are no malicious services running.

🗒️ A [work-in-progress] collection for interview questions for Information Security roles

Linux Rootkits (4.x Kernel)

Cloud Incident and Response Simulations

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.