A collection of hunting and blue team scripts. Mostly others, some my own.
☆38Jan 8, 2023Updated 3 years ago
Alternatives and similar repositories for Hunting-Scripts
Users that are interested in Hunting-Scripts are comparing it to the libraries listed below
Sorting:
- irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…☆14Mar 25, 2015Updated 10 years ago
- ☆53May 21, 2018Updated 7 years ago
- Blue Team Powershell Script☆18Nov 22, 2021Updated 4 years ago
- An agent that performs user actions on a workstation☆13Jan 22, 2018Updated 8 years ago
- PoC for CVE-2020-1015☆39May 16, 2020Updated 5 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later☆20Feb 23, 2016Updated 10 years ago
- Powershell Threat Hunting Module☆290Sep 21, 2016Updated 9 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆176Jun 10, 2021Updated 4 years ago
- a repo for utilizing a base64 like encoding scheme + AES Encryption using Emojis☆13Mar 16, 2025Updated last year
- Automated forensics written in PowerShell☆34Sep 29, 2019Updated 6 years ago
- The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224☆14Jan 10, 2020Updated 6 years ago
- A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.☆480Nov 15, 2024Updated last year
- Wireless Forensics Framework In Python☆20Jan 29, 2017Updated 9 years ago
- ☆33Nov 21, 2024Updated last year
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 7 years ago
- Invoke-LiveResponse☆150Feb 22, 2022Updated 4 years ago
- Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon☆44Jan 31, 2021Updated 5 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Oct 7, 2020Updated 5 years ago
- An assortment of general guides I've currated for general teaching purposes focusing on red / blue team methodologies and tasks.☆13Feb 3, 2018Updated 8 years ago
- PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.☆52Jan 25, 2018Updated 8 years ago
- A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.☆14Oct 21, 2021Updated 4 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Aug 8, 2020Updated 5 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆65Oct 31, 2017Updated 8 years ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Mar 3, 2019Updated 7 years ago
- Blue Team Scripts☆254Jun 20, 2019Updated 6 years ago
- A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis☆23Feb 2, 2025Updated last year
- Golang implementation of PyMISP-feedgenerator☆18Jul 31, 2022Updated 3 years ago
- Scripts that are suited for blue teams☆33Mar 17, 2016Updated 10 years ago
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report☆28Oct 10, 2023Updated 2 years ago
- botnet frontend i wrote in a night and then improved over a few other nights☆13Apr 11, 2019Updated 6 years ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆14Dec 30, 2018Updated 7 years ago
- Best practices in threat intelligence☆50Nov 6, 2022Updated 3 years ago
- Resources and materials for DEF CON 2018 Packet Hunting Workshop☆80Aug 12, 2018Updated 7 years ago
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries☆460Feb 4, 2022Updated 4 years ago
- POC code to crash Windows Event Logger Service☆27Oct 16, 2020Updated 5 years ago
- Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, and more acros…☆60Updated this week
- Collection of Slides From My Conference Talks☆20Nov 21, 2022Updated 3 years ago
- Copy-on-write fork()-like memory dump using Process Snapshotting APIs☆13Jul 23, 2017Updated 8 years ago
- MS Entra ID Protection Guidance☆22Apr 2, 2024Updated last year