My external brain for cyber defense (WIP). A practical collection of field notes on hunting strategies and system principles. Documenting defensive mechanics and methods as I build this long-term library.
☆102Jun 5, 2026Updated 3 weeks ago
Alternatives and similar repositories for Blue_Team_Hunting_Field_Notes
Users that are interested in Blue_Team_Hunting_Field_Notes are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17May 11, 2025Updated last year
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters☆12Feb 27, 2026Updated 4 months ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆27Jun 3, 2018Updated 8 years ago
- The GDPR-compliant Privacy Policy template/sample provided at https://gdpr.eu, adapted into markdown format.☆13May 25, 2021Updated 5 years ago
- Advanced Threat Hunting: Ransomware Group☆28Jul 9, 2025Updated 11 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A list of sources for OSINT in Uzbekistan☆23Jan 17, 2025Updated last year
- Parses the WMI object database....looking for persistence☆35Dec 12, 2019Updated 6 years ago
- Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/☆20Jan 28, 2025Updated last year
- ☆36Aug 7, 2021Updated 4 years ago
- Windows Privilege Escalation☆25Jun 7, 2022Updated 4 years ago
- ☆38Mar 2, 2026Updated 3 months ago
- Suricata rules for SCADA☆16Jun 4, 2022Updated 4 years ago
- Command generator for pentesting tools☆16Dec 2, 2024Updated last year
- ☆22May 1, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.☆10Nov 4, 2022Updated 3 years ago
- Your Browser-based EVTX Companion☆120May 31, 2026Updated 3 weeks ago
- Next major release of sniffMyPackets - Now with added packet loving☆12Mar 19, 2015Updated 11 years ago
- Sample SecOps scripts and Utilities☆12Jun 19, 2024Updated 2 years ago
- A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.☆23Jun 22, 2026Updated last week
- Automatically exported from code.google.com/p/checkout4mac☆13Oct 24, 2016Updated 9 years ago
- PowerShell-based Windows Server Security Audit Engine by Cyb3rint3l Labs. Measures alignment with the NIS2 directive and maps findings to…☆46Feb 1, 2026Updated 4 months ago
- A collection of powershell scripts that are designed to be ran from a Microsoft Defender for Endpoint Live Response terminal, utilizing o…☆12Apr 26, 2023Updated 3 years ago
- Reverse engineered the villager pypi package to github repo for analysis☆26Sep 20, 2025Updated 9 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Examples of OpenPLC IEC 61131-3 Editor with CONTROLLINO☆21Dec 6, 2024Updated last year
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆201Apr 1, 2026Updated 2 months ago
- CVE PoCs☆21Jul 16, 2020Updated 5 years ago
- Extensible MacOS system telemetry generator.☆59Apr 12, 2026Updated 2 months ago
- Penetration Testing MCP for Claude Code. AI-assisted security testing with automated recon, service enumeration, and reporting.☆56Jun 2, 2026Updated 3 weeks ago
- A Shiny Web App tutorial inspecting the COVID-19 (2019-nCoV) epidemic, data from https://github.com/CSSEGISandData/COVID-19/tree/master/c…☆10Apr 18, 2020Updated 6 years ago
- ☆13Apr 6, 2016Updated 10 years ago
- YARA, SIGMA, SNORT Rules based on Malware Analysis☆17Apr 23, 2025Updated last year
- A series of python scripts to extract information from Dark Web Applications☆14Mar 26, 2025Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆12Apr 20, 2025Updated last year
- ☆16Mar 22, 2023Updated 3 years ago
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 4 years ago
- Obsidian vault notes collection on Ethical Hacking Tools and Techniques, HackTheBox, and HTB Academy☆10Aug 15, 2023Updated 2 years ago
- This will be the repo for the BTHb.☆32Jun 10, 2026Updated 2 weeks ago
- Splunk Alert Manager with advanced reporting on alerts, workflows (modify assignee, status, severity) and auto-resolve features☆82Apr 26, 2022Updated 4 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆18Oct 28, 2023Updated 2 years ago