My external brain for cyber defense (WIP). A practical collection of field notes on hunting strategies and system principles. Documenting defensive mechanics and methods as I build this long-term library.
☆93Mar 29, 2026Updated last week
Alternatives and similar repositories for Blue_Team_Hunting_Field_Notes
Users that are interested in Blue_Team_Hunting_Field_Notes are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17May 11, 2025Updated 10 months ago
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters☆11Feb 27, 2026Updated last month
- Windows Thingies in Python for live use.☆24Apr 22, 2019Updated 6 years ago
- The GDPR-compliant Privacy Policy template/sample provided at https://gdpr.eu, adapted into markdown format.☆13May 25, 2021Updated 4 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆27Jun 3, 2018Updated 7 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Advanced Threat Hunting: Ransomware Group☆28Jul 9, 2025Updated 9 months ago
- Cmdlets for capturing Windows Events☆14Mar 11, 2022Updated 4 years ago
- Parses the WMI object database....looking for persistence☆34Dec 12, 2019Updated 6 years ago
- Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/☆20Jan 28, 2025Updated last year
- ☆36Aug 7, 2021Updated 4 years ago
- ☆37Mar 2, 2026Updated last month
- Suricata rules for SCADA☆16Jun 4, 2022Updated 3 years ago
- Command generator for pentesting tools☆17Dec 2, 2024Updated last year
- ☆22May 1, 2025Updated 11 months ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Sabonis, a Digital Forensics and Incident Response pivoting tool☆19Mar 3, 2022Updated 4 years ago
- Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.☆10Nov 4, 2022Updated 3 years ago
- Next major release of sniffMyPackets - Now with added packet loving☆12Mar 19, 2015Updated 11 years ago
- Sample SecOps scripts and Utilities☆12Jun 19, 2024Updated last year
- Blogseries on DevOps☆13Oct 19, 2023Updated 2 years ago
- Python based Office Macro Generator. Also does rudamentary obfuscation.☆12Jun 6, 2016Updated 9 years ago
- PowerShell-based Windows Server Security Audit Engine by Cyb3rint3l Labs. Measures alignment with the NIS2 directive and maps findings to…☆42Feb 1, 2026Updated 2 months ago
- A collection of powershell scripts that are designed to be ran from a Microsoft Defender for Endpoint Live Response terminal, utilizing o…☆12Apr 26, 2023Updated 2 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆13Oct 26, 2017Updated 8 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Reverse engineered the villager pypi package to github repo for analysis☆26Sep 20, 2025Updated 6 months ago
- Examples of OpenPLC IEC 61131-3 Editor with CONTROLLINO☆21Dec 6, 2024Updated last year
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆191Apr 1, 2026Updated last week
- A Shiny Web App tutorial inspecting the COVID-19 (2019-nCoV) epidemic, data from https://github.com/CSSEGISandData/COVID-19/tree/master/c…☆10Apr 18, 2020Updated 5 years ago
- ☆11Jun 15, 2022Updated 3 years ago
- ☆13Apr 6, 2016Updated 10 years ago
- Understanding and analyzing carrier files workshop repo☆51Dec 4, 2019Updated 6 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆29Dec 7, 2025Updated 4 months ago
- YARA, SIGMA, SNORT Rules based on Malware Analysis☆17Apr 23, 2025Updated 11 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- A series of python scripts to extract information from Dark Web Applications☆14Mar 26, 2025Updated last year
- ☆16Mar 22, 2023Updated 3 years ago
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 3 years ago
- Obsidian vault notes collection on Ethical Hacking Tools and Techniques, HackTheBox, and HTB Academy☆10Aug 15, 2023Updated 2 years ago
- Splunk Alert Manager with advanced reporting on alerts, workflows (modify assignee, status, severity) and auto-resolve features☆82Apr 26, 2022Updated 3 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆18Oct 28, 2023Updated 2 years ago
- Website for ail-typo-squatting library☆72Feb 25, 2026Updated last month