CyberSecurity BLUE TEAM containerized platform that brings together open-source tools for SIEM, DFIR, CTI, SOAR, and Network Analysis
☆505 · Oct 16, 2025 · Updated 5 months ago
Alternatives and similar repositories for CyberBlue
Users that are interested in CyberBlue are comparing it to the libraries listed below.
- Interactive simulation of a fictional ransomware group's dashboard ☆12 · Sep 30, 2024 · Updated last year
- INVENTORY is a web dashboard that displays data extracted from the Wazuh API via SysCollector. The solution offers quick access to details of the sys… ☆47 · Jan 1, 2026 · Updated 2 months ago
- GitHub Action that generates and commits a live SVG world map of cyber threats using Shodan data. ☆25 · Updated this week
- Jupyter Universe is a search engine for all infosec Jupyter notebooks ☆36 · Mar 24, 2025 · Updated last year
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection… ☆730 · Feb 14, 2026 · Updated last month
- Network traffic capture app made in Rust. ☆76 · Mar 6, 2026 · Updated 2 weeks ago
- VulScanner - is a powerful, multi-faceted tool designed for security professionals, developers, and penetration testers to perform automa… ☆36 · Jul 29, 2025 · Updated 7 months ago
- Extracting IoC data from eMail ☆141 · Jan 5, 2026 · Updated 2 months ago
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling. ☆32 · Dec 31, 2025 · Updated 2 months ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules. ☆16 · Oct 22, 2025 · Updated 5 months ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team. ☆47 · Jan 22, 2025 · Updated last year
- Vagrant Files to create a Virtualbox VM for Malware Analysis ☆13 · Jun 1, 2021 · Updated 4 years ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆151 · Sep 21, 2024 · Updated last year
- 🛡️Awesome lists about all kinds of interesting topics of Wazuh XDR/SIEM ☆86 · Feb 3, 2026 · Updated last month
- Data for CyberSOCEval, an LLM benchmark by Meta & CrowdStrike ☆21 · Sep 22, 2025 · Updated 6 months ago
- Open Adversarial Exposure Validation Platform ☆1,647 · Updated this week
- Convert Sigma rules to SIEM queries, directly in your browser. ☆113 · Jan 24, 2026 · Updated 2 months ago
- Super light, super fast, unlimited search idea ☆25 · Aug 3, 2025 · Updated 7 months ago
- Retrieve LAPS passwords from a domain. The tool is inspired by pyLAPS. ☆87 · Mar 6, 2025 · Updated last year
- An advanced, ultra-lightweight firewall orchestrator for Linux. SysWarden integrates Data-Shield IPv4 blocklists, Geo-Blocking, Spamhaus … ☆84 · Updated this week
- AI-powered subdomain enumeration tool with local LLM analysis via Ollama - 100% private, zero API costs ☆437 · Nov 21, 2025 · Updated 4 months ago
- ☆147 · Jun 9, 2025 · Updated 9 months ago
- Repo to hold wazuh manager mcp server ☆75 · Sep 22, 2025 · Updated 6 months ago
- Blue Team Powershell Script ☆18 · Nov 22, 2021 · Updated 4 years ago
- Data-Shield IPv4 Blocklist Community provides an official, curated registry of IPv4 addresses identified as malicious. Updated continuous… ☆443 · Updated this week
- A Framework to Automatically Extract Indicators of Compromise (IoCs) from Twitter ☆16 · Dec 9, 2019 · Updated 6 years ago
- Red Teaming Tradecraft ☆32 · Sep 28, 2022 · Updated 3 years ago
- a small script to collect information from a management point ☆37 · Jan 19, 2026 · Updated 2 months ago
- SwitchToOpen - The open source shift ☆305 · Nov 21, 2025 · Updated 4 months ago
- Lightweight && straightforward command-line tool for searching and downloading exploits from Exploit-DB. ☆48 · Jan 22, 2026 · Updated 2 months ago
- Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace ☆24 · Jul 19, 2023 · Updated 2 years ago
- A simple-to-use IR (incident response) case management tool for tracking and documenting investigations. ☆441 · Feb 13, 2026 · Updated last month
- DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, Plaso, $MFT, and $J files with built-in process inspect… ☆217 · Updated this week
- Sniffing out well-known threat groups ☆64 · Aug 13, 2024 · Updated last year
- A YARA & Malware Analysis Toolkit written in Rust. ☆103 · Mar 17, 2026 · Updated last week
- Files to automatically deploy red team Active Directory test lab ☆49 · May 6, 2022 · Updated 3 years ago
- ☆155 · Oct 2, 2025 · Updated 5 months ago
- Incident Response documents and tooling ☆113 · Dec 23, 2025 · Updated 3 months ago
- example using NtCreateUserProcess in rust ☆19 · Jan 20, 2025 · Updated last year