My external brain for cyber defense (WIP). A practical collection of field notes on hunting strategies and system principles. Documenting defensive mechanics and methods as I build this long-term library.
☆76Mar 17, 2026Updated this week
Alternatives and similar repositories for Blue_Team_Hunting_Field_Notes
Users that are interested in Blue_Team_Hunting_Field_Notes are comparing it to the libraries listed below
Sorting:
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17May 11, 2025Updated 10 months ago
- Windows Thingies in Python for live use.☆24Apr 22, 2019Updated 6 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆27Jun 3, 2018Updated 7 years ago
- Advanced Threat Hunting: Ransomware Group☆29Jul 9, 2025Updated 8 months ago
- Cmdlets for capturing Windows Events☆14Mar 11, 2022Updated 4 years ago
- Parses the WMI object database....looking for persistence☆34Dec 12, 2019Updated 6 years ago
- Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/☆20Jan 28, 2025Updated last year
- bitCollector - DFIR (Digital Forensics and Incident Response) Triage Collector☆13Aug 18, 2025Updated 7 months ago
- ☆36Aug 7, 2021Updated 4 years ago
- 굉굉아요☆10Apr 5, 2024Updated last year
- ☆37Mar 2, 2026Updated 2 weeks ago
- ☆19Mar 13, 2024Updated 2 years ago
- Bug Hunting Handbook☆11Aug 11, 2022Updated 3 years ago
- Read the KakaoTalk message using Android System API (notification/screen)☆13May 18, 2022Updated 3 years ago
- Your Browser-based EVTX Companion☆114Mar 2, 2026Updated 2 weeks ago
- Sabonis, a Digital Forensics and Incident Response pivoting tool☆19Mar 3, 2022Updated 4 years ago
- Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.☆10Nov 4, 2022Updated 3 years ago
- iPhone Forensics Tool☆16Nov 29, 2024Updated last year
- Next major release of sniffMyPackets - Now with added packet loving☆12Mar 19, 2015Updated 11 years ago
- Sample SecOps scripts and Utilities☆12Jun 19, 2024Updated last year
- Automatically exported from code.google.com/p/checkout4mac☆13Oct 24, 2016Updated 9 years ago
- Extensible MacOS system telemetry generator.☆53Mar 1, 2026Updated 2 weeks ago
- PowerShell-based Windows Server Security Audit Engine by Cyb3rint3l Labs. Measures alignment with the NIS2 directive and maps findings to…☆42Feb 1, 2026Updated last month
- A collection of powershell scripts that are designed to be ran from a Microsoft Defender for Endpoint Live Response terminal, utilizing o…☆12Apr 26, 2023Updated 2 years ago
- 어서오세요 빵집입니다 🧑🍳☆16Jan 20, 2025Updated last year
- This repository contains tools for decrypting and viewing iOS iTunes Backup files, along with code to extract and analyze various artifac…☆24Jul 27, 2025Updated 7 months ago
- Sysmon Config Pusher - Modernized☆34Jan 7, 2026Updated 2 months ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆13Oct 26, 2017Updated 8 years ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆180Jan 20, 2026Updated 2 months ago
- Reverse engineered the villager pypi package to github repo for analysis☆26Sep 20, 2025Updated 6 months ago
- CVE PoCs☆21Jul 16, 2020Updated 5 years ago
- A Shiny Web App tutorial inspecting the COVID-19 (2019-nCoV) epidemic, data from https://github.com/CSSEGISandData/COVID-19/tree/master/c…☆10Apr 18, 2020Updated 5 years ago
- ☆11Jun 15, 2022Updated 3 years ago
- ☆13Apr 6, 2016Updated 9 years ago
- Understanding and analyzing carrier files workshop repo☆51Dec 4, 2019Updated 6 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆30Dec 7, 2025Updated 3 months ago
- YARA, SIGMA, SNORT Rules based on Malware Analysis☆17Apr 23, 2025Updated 10 months ago
- A series of python scripts to extract information from Dark Web Applications☆14Mar 26, 2025Updated 11 months ago
- ☆12Apr 20, 2025Updated 11 months ago