Personal notes from a red teamer for Blue/Red/Purple teams.
☆57, Feb 9, 2024, updated 2 years ago
Alternatives and similar repositories for RedBlueNotes
Users that are interested in RedBlueNotes are comparing it to the libraries listed below
- This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, l… (☆52, Apr 5, 2025, updated 11 months ago)
- A repository filled with ideas to break/detect direct syscall techniques (☆26, Apr 21, 2022, updated 3 years ago)
- (no description) (☆12, Nov 3, 2020, updated 5 years ago)
- (no description) (☆28, May 25, 2021, updated 4 years ago)
- Cloud-based AD lab created to help you test real attacks in a controlled environment and create detection rules for them (☆29, Feb 23, 2024, updated 2 years ago)
- AMSI bypass for PowerShell (☆30, Apr 26, 2022, updated 3 years ago)
- A PoC executing shellcode in Dart (☆16, Jun 28, 2022, updated 3 years ago)
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods (☆14, Sep 30, 2022, updated 3 years ago)
- A tool for pentesters & bug hunters to collect a company's IPs, servers, operating systems & more (☆13, Dec 20, 2022, updated 3 years ago)
- A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Writte… (☆28, Apr 25, 2022, updated 3 years ago)
- Process Ghosting in C# (☆220, Jan 24, 2022, updated 4 years ago)
- 🔅 Reverse shell written in Python 3 (☆14, Dec 12, 2020, updated 5 years ago)
- DLL unhooking (☆13, Mar 26, 2021, updated 4 years ago)
- Weaponizing privileged file write bugs with the PrintNotify service (☆136, May 17, 2022, updated 3 years ago)
- One gate to all syscalls! (☆23, Mar 12, 2022, updated 4 years ago)
- A technique for hiding malicious shellcode via Shannon encoding. (☆265, Oct 23, 2022, updated 3 years ago)
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honig. (☆12, Oct 28, 2017, updated 8 years ago)
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat… (☆88, Sep 16, 2025, updated 6 months ago)
- Recover Firefox and other browsers' logins (☆49, Nov 23, 2021, updated 4 years ago)
- Purple Team Strategies, published by Packt (☆14, Mar 2, 2026, updated 2 weeks ago)
- Active Directory Purple Team Playbook (☆116, May 8, 2023, updated 2 years ago)
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking. (☆67, Jun 14, 2020, updated 5 years ago)
- A lightweight Python HTTP server with fuzzy filename matching and automatic fallback to directory listing. (☆13, Aug 28, 2025, updated 6 months ago)
- Bypasses App-Bound Encryption to extract cookies, passwords, browsing history, autofill data, and payment info from Chromium-based browse… (☆16, Feb 27, 2026, updated 3 weeks ago)
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks placed by AV/EDR (☆158, Jul 22, 2021, updated 4 years ago)
- A collection of cybersecurity tools, software, libraries, learning tutorials, frameworks, academic and practical resources in security. (☆19, Feb 29, 2024, updated 2 years ago)
- (no description) (☆11, Feb 14, 2025, updated last year)
- You didn't think I'd go and leave the blue team out, right? (☆1,736, Jan 5, 2026, updated 2 months ago)
- Defcon 28 - Red Team Village - Applied Purple Teaming - Why Can't We Be Friends (☆26, Aug 9, 2020, updated 5 years ago)
- OllaDeck is a purple technology stack for Generative AI (text modality) cybersecurity. It provides a comprehensive set of tools for both … (☆18, Sep 21, 2024, updated last year)
- Challenge 1 of The Auror Project - Set up an AD lab automatically (☆12, Apr 26, 2022, updated 3 years ago)
- Assorted scripts I made for Red Teaming / Pen Testing (☆14, Jun 15, 2024, updated last year)
- A neat way to detect memory reads using an NT-layer function. (☆14, Aug 4, 2023, updated 2 years ago)
- Prototype program to decode a video file looking for exploits/malware. (☆17, Jul 26, 2020, updated 5 years ago)
- Halos Gate-based NTAPI unhooker (☆52, Apr 21, 2022, updated 3 years ago)
- AD concepts, attack surfaces and attack vectors: notes, slides, video... (☆16, Dec 6, 2024, updated last year)
- References, tools and sample payloads (☆11, Sep 16, 2016, updated 9 years ago)
- A PoC C2 tool utilizing Google Calendar events as a covert channel for communication between attacker and target. (☆19, Jun 22, 2023, updated 2 years ago)
- Extracting Syscall Stub, Modernized (☆65, Apr 2, 2022, updated 3 years ago)