Blueteam
99 Open Source Blueteam Software Projects
Free and open source blueteam code projects including engines, APIs, generators, and tools.
Theharvester
6333 ⭐
E-mails, subdomains and names Harvester - OSINT
Gtfobins.github.io
6200 ⭐
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Infosec_reference
4205 ⭐
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Lolbas Project Lolbas
3923 ⭐
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Logontracer
1937 ⭐
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Lolbas
1519 ⭐
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Rita
1754 ⭐
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Ultimateapplockerbypasslist
1374 ⭐
The goal of this repository is to document the most common techniques to bypass AppLocker.
Slackpirate
606 ⭐
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
Repo Supervisor
548 ⭐
Scan your code for security misconfiguration, search for passwords and secrets.
1earn
2490 ⭐
A security knowledge framework maintained by the ffffffff0x team. Contents include, but are not limited to, web security, ICS security, forensics, incident response, blue team infrastructure deployment, post-exploitation, Linux security, and write-ups for various practice targets.
Pidense
396 ⭐
🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)
Bxss
353 ⭐
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Gray_hat_csharp_code
325 ⭐
This repository contains full code examples from the book Gray Hat C#
Plumhound
585 ⭐
Bloodhound for Blue and Purple Teams
Blueshell
610 ⭐
Cross-platform remote control tool for red/blue team exercises.
Malwless
239 ⭐
Test Blue Team detections without running any attack.
Blue Team
204 ⭐
Blue Team Scripts
Remote Desktop Caching
190 ⭐
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allow a Red Team member to extract sensitive information such as LAPS passwords or anything else that was on the screen. A Blue Team member can reconstruct the PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host, collect evidence and perform further analysis.
Slack Watchman
183 ⭐
Monitoring your Slack workspaces for sensitive information
Flerken
148 ⭐
A solution for cross-platform obfuscated command detection, presented at CIS 2019 (China): a static and dynamic Bash/CMD/PowerShell command-obfuscation detection framework.
Cypheroth
218 ⭐
Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Smogcloud
253 ⭐
Find cloud assets that no one wants exposed 🔎 ☁️
Malwarepersistencescripts
110 ⭐
A collection of scripts I've written to help red and blue teams with malware persistence techniques.
Deploy Deception
137 ⭐
A PowerShell module to deploy active directory decoy objects.
Threathunt
107 ⭐
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Information Security Tasks
133 ⭐
This repository is created only for infosec professionals who work day to day, to equip ourselves with an up-to-date skill set. We can each contribute one hour daily to day-to-day tasks and work on problem statements; please contribute by providing problem statements and solutions.
Windows_hardening
597 ⭐
Windows Hardening settings and configurations
Opensquat
209 ⭐
Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
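The permutation classes named above are easy to generate deterministically. The following is an added example, not opensquat's own code: it produces bitsquat (single flipped bit), omission and adjacent-transposition candidates for a domain, permuting only the registrable name and keeping the TLD fixed. Case-only bit flips are dropped because DNS is case-insensitive, and candidates that are not valid DNS labels (bad characters, leading or trailing hyphen) are filtered out.

```python
"""Domain-squat permutation generator (added example; not opensquat's code).

Produces the kinds of look-alike names a squatting detector has to check for:
single-bit flips (bitsquatting), single-character omissions and adjacent
transpositions.  DNS labels are case-insensitive, so a bit flip that only
changes case is not a distinct candidate.
"""
import string

LABEL_CHARS = set(string.ascii_lowercase + string.digits + "-")


def _valid_label(label: str) -> bool:
    """A DNS label may contain [a-z0-9-] and may not start or end with '-'."""
    return (
        0 < len(label) <= 63
        and set(label) <= LABEL_CHARS
        and not label.startswith("-")
        and not label.endswith("-")
    )


def _split(domain: str):
    """Split 'name.tld' into (name, tld); only the name is permuted."""
    name, _, tld = domain.lower().rpartition(".")
    if not name:
        raise ValueError("domain needs at least one dot, e.g. example.com")
    return name, tld


def bitsquats(domain: str) -> set:
    """Every domain that differs from `domain` by exactly one flipped bit.

    Bitsquatting relies on memory errors on the client: one flipped bit in a
    cached hostname (e.g. 0x61 'a' -> 0x65 'e') resolves the wrong name.
    """
    name, tld = _split(domain)
    out = set()
    for i, ch in enumerate(name):
        for bit in range(8):
            flipped = chr(ord(ch) ^ (1 << bit)).lower()
            if flipped == ch:  # case-only flip: the same DNS name
                continue
            cand = name[:i] + flipped + name[i + 1:]
            if _valid_label(cand):
                out.add(f"{cand}.{tld}")
    return out


def omissions(domain: str) -> set:
    """Names with one character dropped (typosquatting, e.g. 'exmple.com')."""
    name, tld = _split(domain)
    return {
        f"{name[:i] + name[i + 1:]}.{tld}"
        for i in range(len(name))
        if _valid_label(name[:i] + name[i + 1:])
    }


def transpositions(domain: str) -> set:
    """Names with two adjacent characters swapped (e.g. 'exapmle.com')."""
    name, tld = _split(domain)
    out = set()
    for i in range(len(name) - 1):
        if name[i] == name[i + 1]:
            continue
        cand = name[:i] + name[i + 1] + name[i] + name[i + 2:]
        if _valid_label(cand):
            out.add(f"{cand}.{tld}")
    return out


def squat_candidates(domain: str) -> dict:
    """All candidates grouped by technique: the detector's watch list."""
    return {
        "bitsquat": bitsquats(domain),
        "omission": omissions(domain),
        "transposition": transpositions(domain),
    }


if __name__ == "__main__":
    for kind, names in squat_candidates("example.com").items():
        print(f"{kind}: {len(names)} candidates, e.g. {sorted(names)[:4]}")
```

The candidate set is what a detector then compares against newly registered domains or certificate transparency logs; homograph (Unicode confusable) variants need a confusables table and are not generated here.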
T0thkr1s Gtfo
88 ⭐
Search for Unix binaries that can be exploited to bypass system security restrictions.
Falconfriday
278 ⭐
Bi-weekly hunting queries
Gdpatrol
45 ⭐
A Lambda-powered Security Orchestration framework for AWS GuardDuty
Qradar
41 ⭐
Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
Piuser
29 ⭐
👨💻🕵🏻👩💻 Analyze user behavior against fake access points📡
Bootsy
30 ⭐
Designed to be installed on a fresh install of Raspbian on a Raspberry Pi. By combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool lets you detect an attacker on the network quickly, weeding out generally noisy alerts and keeping only those that matter.
Audibleblink Bothan
27 ⭐
Is this IP a C2 server?
Opensource Endpoint Monitoring
25 ⭐
This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
Cve 2018 4407
24 ⭐
iOS/macOS denial of service [PoC/exploit for a mass attack against iOS/macOS hosts on a network]
Secsuite Production
13 ⭐
A public repository for the #Secsuite project. Created & maintained by @ghostinthecable.
Find Lolbas
13 ⭐
Simple powershell script to find living off land binaries and scripts on a system.
Mutesysmon
15 ⭐
A PowerShell script to prevent Sysmon from writing its events
Kathe
17 ⭐
A GUI/REST interface to find similarities in large sets (think: binaries). Based on ssdeep.
Ipfix Rita
10 ⭐
Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis
Atc Mitigation
13 ⭐
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
X33fcon
31 ⭐
Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"
Purple Team Exercise Framework
161 ⭐
Purple Team Exercise Framework
Cpldropper
29 ⭐
A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just double click them.
Snooppr Snoop
1263 ⭐
Snoop: an open-data reconnaissance tool (OSINT world)
Gitlab Watchman
152 ⭐
Monitoring GitLab for sensitive data shared publicly
Github Watchman
53 ⭐
Monitoring GitHub for sensitive data shared publicly
Bank_mitigations
14 ⭐
Anti keylogger, anti screen logger... Strategy to protect with hookings or improve your sandbox with spyware detection... - Demo
Hardeningkitty
136 ⭐
Invoke-HardeningKitty - Checks and hardens your Windows configuration
Defaultcreds Cheat Sheet
2128 ⭐
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Awesome Security Hardening
935 ⭐
A collection of awesome security hardening guides, tools and other resources
Microsoftwontfixlist
851 ⭐
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Xiecat Goblin
761 ⭐
A phishing simulation system for red/blue team exercises.
Wadcoms.github.io
679 ⭐
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
Adalanche
546 ⭐
Active Directory ACL Visualizer and Explorer - who's really Domain Admin?
Secure Coding Handbook
312 ⭐
Web Application Secure Coding Handbook resource.
Redteam_blueteam_hw
412 ⭐
Tools and material for red/blue team confrontation and 护网 (HW) defense exercises; in-memory shellcode (Cobalt Strike + Metasploit) and in-memory webshell detection and removal tools.
Loseys Oblivion
301 ⭐
Data leak checker & OSINT Tool
The_cyber_plumbers_handbook
1776 ⭐
Free copy of The Cyber Plumber's Handbook
Boobsnail
212 ⭐
BoobSnail allows generating Excel 4.0 XLM macros. Its purpose is to support Red Teams and Blue Teams in XLM macro generation.
Macos Attack Dataset
131 ⭐
JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.
Tweetfeed
155 ⭐
Collecting IOCs posted on Twitter
Rew Sploit
108 ⭐
Emulate and Dissect MSF and *other* attacks
Exchange_webshell_detection
96 ⭐
Detect webshells dropped on Microsoft Exchange servers exploited through the "ProxyLogon" group of vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
Crack O Matic
86 ⭐
Find and notify users in your Active Directory with weak passwords
Evileye
82 ⭐
A BeaconEye implement in Golang. It is used to detect the cobaltstrike beacon from memory and extract some configuration.
Packetsiftertool
75 ⭐
PacketSifter is a tool/script designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. PacketSifter accepts a pcap as an argument and outputs several files.
Etwprocessmon2
55 ⭐
ETWProcessMon2 monitors process/thread/memory/image-load/TCPIP events via ETW, and adds detection of remote thread injection and in-memory payload detection based on VirtualMemAlloc events, etc.
Getinjectedthreads
42 ⭐
C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
Viralmaniar Murmurhash
54 ⭐
This little tool calculates the MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
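Shodan's `http.favicon.hash` filter is MurmurHash3 (32-bit, seed 0) over the base64-encoded favicon bytes, with the base64 encoder's 76-column line breaks left in, displayed as a signed 32-bit integer. The block below is an added example, not the tool's own code; it implements MurmurHash3_x86_32 in pure Python rather than depending on the `mmh3` package so the algorithm is visible, and builds the Shodan query string from a favicon. The sample bytes at the bottom are constructed, not a real favicon.

```python
"""Shodan-style favicon hash (added example; not the tool's own code).

Shodan hashes the *base64-encoded* favicon, line breaks included, with
MurmurHash3 32-bit, seed 0, and shows the result as a signed integer.
"""
import base64

MASK32 = 0xFFFFFFFF


def _rotl32(x: int, r: int) -> int:
    return ((x << r) | (x >> (32 - r))) & MASK32


def murmur3_32(data: bytes, seed: int = 0) -> int:
    """MurmurHash3_x86_32 as an unsigned 32-bit integer."""
    c1, c2 = 0xCC9E2D51, 0x1B873593
    h1 = seed & MASK32
    nblocks = len(data) // 4

    # Body: consume 4-byte little-endian blocks.
    for i in range(nblocks):
        k1 = int.from_bytes(data[4 * i:4 * i + 4], "little")
        k1 = (k1 * c1) & MASK32
        k1 = _rotl32(k1, 15)
        k1 = (k1 * c2) & MASK32
        h1 ^= k1
        h1 = _rotl32(h1, 13)
        h1 = (h1 * 5 + 0xE6546B64) & MASK32

    # Tail: the remaining 0..3 bytes (mirrors the C switch fall-through).
    tail = data[4 * nblocks:]
    k1 = 0
    if len(tail) >= 3:
        k1 ^= tail[2] << 16
    if len(tail) >= 2:
        k1 ^= tail[1] << 8
    if len(tail) >= 1:
        k1 ^= tail[0]
        k1 = (k1 * c1) & MASK32
        k1 = _rotl32(k1, 15)
        k1 = (k1 * c2) & MASK32
        h1 ^= k1

    # Finalisation (fmix32): mix in the length and avalanche.
    h1 ^= len(data)
    h1 ^= h1 >> 16
    h1 = (h1 * 0x85EBCA6B) & MASK32
    h1 ^= h1 >> 13
    h1 = (h1 * 0xC2B2AE35) & MASK32
    h1 ^= h1 >> 16
    return h1


def to_signed32(x: int) -> int:
    """Shodan displays the hash as a signed 32-bit integer."""
    return x - (1 << 32) if x & 0x80000000 else x


def shodan_favicon_hash(favicon: bytes) -> int:
    """Hash exactly as Shodan does: MurmurHash3 over base64 with line breaks.

    base64.encodebytes() wraps at 76 characters and appends a trailing
    newline, which is what codecs.encode(data, "base64") produces too.
    Hashing an unwrapped base64 string gives a different, useless value.
    """
    encoded = base64.encodebytes(favicon)
    return to_signed32(murmur3_32(encoded))


def shodan_query(favicon: bytes) -> str:
    """The search filter to paste into Shodan to find hosts serving this icon."""
    return f"http.favicon.hash:{shodan_favicon_hash(favicon)}"


if __name__ == "__main__":
    # Constructed stand-in for a favicon; in practice use open("favicon.ico", "rb").read()
    sample = b"\x00\x00\x01\x00" + bytes(range(256)) * 2
    print(shodan_query(sample))
```

Hunting works in both directions: hash the legitimate site's favicon and search Shodan for other hosts serving the same icon (lookalike or phishing pages often copy it verbatim), or hash a phishing kit's icon to enumerate its other deployments.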
Nist To Tech
44 ⭐
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Abwhose
41 ⭐
The simplest way to find how to report abusive domains
Blue Team Notes
47 ⭐
You didn't think I'd go and leave the blue team out, right?
Blue Team Tools
34 ⭐
A collection of scripts, tools, and configs for various OSes and applications, all free and/or open source, to assist in impromptu Blue Team defense under an active threat.
Powershell Blue Team
32 ⭐
Collection of PowerShell functions and scripts a Blue Teamer might use
Btps Secpack
25 ⭐
This repository contains a collection of PowerShell tools that can be used to protect and defend an environment based on the recommendations of multiple cyber security researchers at Microsoft. These tools were created with small to medium-sized enterprise environments in mind, as smaller organizations do not always have the funding to spend heavily on security. The goal of this project is to add value to a smaller organization's security by creating more visibility for the average IT administrator. Organizations with thousands of devices may find that this entire suite does not apply to them.
Osintbookmarks
23 ⭐
OSINT Bookmarks for Firefox / Chrome / Edge / Safari
Ioccheck
19 ⭐
A tool for simplifying the process of researching IOCs.
Dummydll
18 ⭐
Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Goblyn
30 ⭐
Goblyn is a Python tool focused on enumerating and capturing website file metadata.
Bluesploit
20 ⭐
BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
Etwnetmonv3
19 ⭐
ETWNetMonv3 is simple C# code for monitoring TCP network connections via ETW; ETWProcessMon/2 monitors process/thread/memory/image-load/TCPIP events via ETW and adds detection of remote thread injection and in-memory payload detection based on VirtualMemAlloc events, etc.
Securityinbits Cheatsheet
18 ⭐
These are some of the commands which I use frequently during Malware Analysis and DFIR.
Cobaltstrike Tools
15 ⭐
Tools for playing with Cobalt Strike configs: extraction, detection, processing, etc.
Pooroperationalsecuritypractices
11 ⭐
Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.
Securityinbits Blog Posts
10 ⭐
Contain code referred in https://www.securityinbits.com/
Strikewriter
10 ⭐
Looks up details on a public IPv4 address against ip-info and blacklist-search sites, providing a reputation check.
Psget Domain Mailinfo
10 ⭐
PowerShell script to get domain mail info and control status such as MX, SPF, DKIM, DMARC and STARTTLS.
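The "control status" part of such a check is the evaluation of the SPF and DMARC records once they have been fetched. The following is an added example, not PSGet-Domain-MailInfo's code: it does only the offline evaluation step over constructed TXT records for three hypothetical domains (weak, hardened, and absent), flagging the settings that leave a domain spoofable (`+all`, a missing `all` term, `p=none`, no `rua=`, a partial `pct=`). In a real run the `RECORDS` dict would be filled from a DNS lookup (`Resolve-DnsName -Type TXT` or `dns.resolver`).

```python
"""Offline SPF / DMARC posture check (added example; not PSGet-Domain-MailInfo).

The PowerShell tool queries DNS; this example does only the evaluation, so
the TXT records below are constructed for hypothetical domains.
"""

# Constructed records: one weak, one hardened, one with no records at all.
RECORDS = {
    "weak.example": {
        "spf": "v=spf1 ip4:192.0.2.0/24 +all",
        "dmarc": "v=DMARC1; p=none",
    },
    "strong.example": {
        "spf": "v=spf1 ip4:192.0.2.0/24 include:_spf.mail.example -all",
        "dmarc": "v=DMARC1; p=reject; rua=mailto:dmarc@strong.example; adkim=s; aspf=s",
    },
    "nospf.example": {"spf": None, "dmarc": None},
}


def spf_all_mechanism(record):
    """Qualifier of the terminal 'all' mechanism: '+', '-', '~', '?' or None.

    A term without an explicit qualifier defaults to '+' per RFC 7208, so a
    bare 'all' is as permissive as '+all'.
    """
    if not record or not record.lower().startswith("v=spf1"):
        return None
    for term in record.split()[1:]:
        qualifier, mech = ("+", term) if term[0] not in "+-~?" else (term[0], term[1:])
        if mech.lower() == "all":
            return qualifier
    return None  # no 'all' term: implicit neutral result


def parse_dmarc(record):
    """Parse 'tag=value; ...' into a dict keyed by lower-cased tag."""
    if not record or not record.lower().startswith("v=dmarc1"):
        return {}
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def assess(domain, spf, dmarc):
    """Return a list of findings; an empty list means the controls look sound."""
    findings = []
    qualifier = spf_all_mechanism(spf)
    if spf is None:
        findings.append("SPF: no record; any host may send as this domain")
    elif qualifier in ("+", None):
        findings.append("SPF: '+all' or missing 'all' term authorises every sender")
    elif qualifier == "?":
        findings.append("SPF: '?all' is neutral; receivers treat it as no policy")
    elif qualifier == "~":
        findings.append("SPF: '~all' softfail; acceptable only with DMARC enforcement")

    tags = parse_dmarc(dmarc)
    if not tags:
        findings.append("DMARC: no record; receivers cannot apply a policy")
    else:
        if tags.get("p", "none").lower() == "none":
            findings.append("DMARC: p=none monitors only; spoofed mail is still delivered")
        if "rua" not in tags:
            findings.append("DMARC: no rua= address, so no aggregate reports")
        if tags.get("pct", "100") != "100":
            findings.append(f"DMARC: pct={tags['pct']} applies the policy to only part of the traffic")
    return findings


def assess_all(records=RECORDS):
    """Map each domain to its findings."""
    return {d: assess(d, r["spf"], r["dmarc"]) for d, r in records.items()}


if __name__ == "__main__":
    for domain, findings in assess_all().items():
        print(domain, "OK" if not findings else "")
        for finding in findings:
            print("  -", finding)
```

The hardened record pair (`-all` plus `p=reject` with a reporting address) produces no findings; the weak pair shows why `p=none` alone is not a control, since receivers deliver failing mail unchanged.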
Not Anti Virus
10 ⭐
An attempt to block malware before AV scans it.
Mal Cl
207 ⭐
MAL-CL (Malicious Command-Line)
Bluelay
23 ⭐
Searches online paste sites for certain search terms which can indicate a possible data breach.
Ad Privileged Audit
20 ⭐
Provides various Windows Server Active Directory (AD) security-focused reports.
365
10 ⭐
OSINT, Threat Hunting, Network and Web Recon, Discovery, Enumeration, Vulnerability Mapping, Exploitation, Reporting
Epagneul
46 ⭐
Graph Visualization for windows event logs
Pyc2bytecode
64 ⭐
A Python bytecode disassembler that helps reverse engineers dissect Python binaries by disassembling and analyzing compiled Python bytecode (.pyc) files across all Python versions (including Python 3.10.*)
Blueteam.lab
15 ⭐
Blue Team detection lab created with Terraform and Ansible.