Personal notes from Red teamer for Blue/Red/Purple.
☆57 · Feb 9, 2024 · Updated 2 years ago
Alternatives and similar repositories for RedBlueNotes
Users that are interested in RedBlueNotes are comparing it to the libraries listed below
- This repo shares blue team security notes and resources for detecting and preventing cyber attacks. Topics covered include email, file, l… ☆52 · Apr 5, 2025 · Updated 10 months ago
- A repository filled with ideas to break/detect direct syscall techniques ☆26 · Apr 21, 2022 · Updated 3 years ago
- Purple Team Workshop by @jorgeorchilles ☆12 · Apr 26, 2025 · Updated 10 months ago
- A PoC executing shellcode in Dart ☆17 · Jun 28, 2022 · Updated 3 years ago
- A technique of hiding malicious shellcode via Shannon encoding. ☆263 · Oct 23, 2022 · Updated 3 years ago
- A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Writte… ☆28 · Apr 25, 2022 · Updated 3 years ago
- A PoC C2 tool utilizing Google Calendar events as a covert channel for communication between attacker and target. ☆19 · Jun 22, 2023 · Updated 2 years ago
- Process Ghosting in C# ☆219 · Jan 24, 2022 · Updated 4 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat… ☆88 · Sep 16, 2025 · Updated 5 months ago
- One gate to all syscalls! ☆23 · Mar 12, 2022 · Updated 3 years ago
- 🔅 Reverse shell written in python3 ☆14 · Dec 12, 2020 · Updated 5 years ago
- A tool for Pentesters & BugHunters to collect IPs of company, server, Operating System & many more ☆13 · Dec 20, 2022 · Updated 3 years ago
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honig. ☆12 · Oct 28, 2017 · Updated 8 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking. ☆67 · Jun 14, 2020 · Updated 5 years ago
- I used the Templater community plugin in obsidian to automatically populate IP,username,password ☆44 · Sep 11, 2023 · Updated 2 years ago
- ☆12 · Aug 25, 2023 · Updated 2 years ago
- DLL Unhooking ☆13 · Mar 26, 2021 · Updated 4 years ago
- References, tools and sample payloads ☆11 · Sep 16, 2016 · Updated 9 years ago
- A lightweight Python HTTP server with fuzzy filename matching and automatic fallback to directory listing. ☆13 · Aug 28, 2025 · Updated 6 months ago
- Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust. ☆11 · May 31, 2022 · Updated 3 years ago
- Bypasses App-Bound Encryption to extract cookies, passwords, browsing history, autofill data, and payment info from Chromium-based browse… ☆14 · Jan 6, 2026 · Updated last month
- Plunge into the depths of the web with Linkscraper! Uncover links, images, emails, and more swiftly, catering to researchers, developers,… ☆11 · Nov 9, 2024 · Updated last year
- This PowerShell script applies a memory patch to bypass the Antimalware Scan Interface (AMSI), allowing unrestricted execution of PowerSh… ☆14 · Jun 2, 2024 · Updated last year
- Weaponizing for privileged file writes bugs with PrintNotify Service ☆136 · May 17, 2022 · Updated 3 years ago
- A list of windows potatoes! ☆26 · Mar 6, 2022 · Updated 3 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW" ☆50 · Mar 2, 2022 · Updated 3 years ago
- Trojan written in C++ for Windows ☆20 · Mar 12, 2024 · Updated last year
- ☆12 · Nov 3, 2020 · Updated 5 years ago
- ETW-Almulahaza is a consumer python-based tool that helps you monitor ETW events of the operating system ☆13 · Jun 24, 2022 · Updated 3 years ago
- Display Languages Volatile Environment LPE ☆12 · Jun 28, 2025 · Updated 8 months ago
- Proof Of Concept code for OctoberCMS Auth Bypass CVE-2021-32648 ☆12 · Jan 14, 2022 · Updated 4 years ago
- A collection of cybersecurity tools, software, libraries, learning tutorials, frameworks, academic and practical resources in security. ☆18 · Feb 29, 2024 · Updated last year
- A program to steal user information through a simple link ☆15 · May 19, 2023 · Updated 2 years ago
- ☆13 · Sep 8, 2024 · Updated last year
- Rust program for interfacing with the gigabyte driver to gain access to powerful primitives such as arbitrary kernel memcpy. ☆17 · Nov 26, 2022 · Updated 3 years ago
- AI modular structure that provides automation-based attack and penetration ☆14 · May 10, 2024 · Updated last year
- AMSI Bypass for powershell ☆30 · Apr 26, 2022 · Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR ☆158 · Jul 22, 2021 · Updated 4 years ago
- Cloud-based AD lab created to help you test real attacks in a controlled environment and create detection rules for them ☆29 · Feb 23, 2024 · Updated 2 years ago