ch33r10 / EnterprisePurpleTeaming

Related projects ⓘ

Alternatives and complementary repositories for EnterprisePurpleTeaming

• scythe-io / purple-team-exercise-framework
  Purple Team Exercise Framework
  ☆626Updated 10 months ago
• bluecapesecurity / PWF
  Practical Windows Forensics Training
  ☆618Updated 8 months ago
• stuhli / awesome-event-ids
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆588Updated 5 months ago
• PlumHound / PlumHound
  Bloodhound Reporting for Blue and Purple Teams
  ☆1,125Updated last month
• Cyb3r-Monk / Threat-Hunting-and-Detection
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆643Updated last week
• blackhillsinfosec / EventLogging
  Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
  ☆465Updated this week
• Marshall-Hallenbeck / red_team_attack_lab
  Red Team Attack Lab for TTP testing & research
  ☆560Updated last year
• mandiant / Azure_Workshop
  ☆609Updated last year
• AndrewRathbun / DFIRMindMaps
  A repository of DFIR-related Mind Maps geared towards the visual learners!
  ☆514Updated 2 years ago
• iknowjason / PurpleCloud
  A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-pur…
  ☆528Updated last week
• certsocietegenerale / IRM
  Incident Response Methodologies 2022
  ☆978Updated 9 months ago
• mdecrevoisier / EVTX-to-MITRE-Attack
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆529Updated 2 months ago
• rootsecdev / Azure-Red-Team
  Azure Security Resources and Notes
  ☆1,486Updated 5 months ago
• BushidoUK / Ransomware-Tool-Matrix
  A resource containing all the tools each ransomware gangs uses
  ☆763Updated 2 weeks ago
• lutzenfried / OffensiveCloud
  Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)
  ☆316Updated 3 weeks ago
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆473Updated last week
• redcanaryco / invoke-atomicredteam
  Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…
  ☆849Updated 3 weeks ago
• FalconForceTeam / FalconFriday
  Hunting queries and detections
  ☆731Updated 2 months ago
• cyb3rfox / Aurora-Incident-Response
  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  ☆768Updated last year
• Yamato-Security / EnableWindowsLogSettings
  Documentation and scripts to properly enable Windows event logs.
  ☆557Updated last year
• executemalware / Malware-IOCs
  ☆505Updated last month
• Johnng007 / Live-Forensicator
  A suite of Tools to aid Incidence Response and Live Forensics for - Windows (Powershell) | Linux (Bash) | MacOS (Shell)
  ☆542Updated last month
• mthcht / awesome-lists
  Awesome Security lists for SOC/CERT/CTI
  ☆715Updated this week
• dafthack / GraphRunner
  A Post-exploitation Toolset for Interacting with the Microsoft Graph API
  ☆955Updated 2 weeks ago
• DefensiveOrigins / AtomicPurpleTeam
  Atomic Purple Team Framework and Lifecycle
  ☆283Updated 3 years ago
• cyberdefenders / DetectionLabELK
  DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
  ☆539Updated 2 years ago
• Kyuu-Ji / Awesome-Azure-Pentest
  A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.
  ☆1,014Updated 10 months ago
• mdecrevoisier / SIGMA-detection-rules
  Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques
  ☆310Updated 5 months ago
• ScarredMonk / SysmonSimulator
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆833Updated 2 years ago