mttaggart / blue-jupyter
Jupyter Notebooks for the Blue Team
☆145 · Mar 21, 2025 · Updated 10 months ago
Alternatives and similar repositories for blue-jupyter
Users that are interested in blue-jupyter are comparing it to the libraries listed below
- Labs for Practical Malware Analysis & Triage · ☆1,076 · Dec 20, 2025 · Updated last month
- Azure AD Incident Response · ☆27 · Oct 8, 2021 · Updated 4 years ago
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs. · ☆27 · Mar 20, 2025 · Updated 10 months ago
- Jupyter Notebooks for the Blue Team · ☆39 · Jan 16, 2025 · Updated last year
- ☆11 · Dec 9, 2025 · Updated 2 months ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses. · ☆21 · Sep 30, 2022 · Updated 3 years ago
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop… · ☆26 · Jun 30, 2021 · Updated 4 years ago
- ☆16 · Mar 22, 2023 · Updated 2 years ago
- Forensics triage tool relying on Volatility and Foremost · ☆25 · Dec 3, 2023 · Updated 2 years ago
- Linux Baseline and Forensic Triage Tool - BETA · ☆57 · Sep 8, 2022 · Updated 3 years ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of … · ☆198 · Jan 6, 2026 · Updated last month
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations. · ☆342 · Dec 3, 2025 · Updated 2 months ago
- Just Another broken Registry Parser (JARP) · ☆16 · May 23, 2024 · Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file · ☆89 · Feb 9, 2025 · Updated last year
- Practical Windows Forensics Training · ☆740 · Updated this week
- CSIRT Jump Bag · ☆27 · Apr 25, 2024 · Updated last year
- ☆15 · Sep 19, 2019 · Updated 6 years ago
- Homographs: brutefind homographs within a font · ☆19 · Apr 21, 2017 · Updated 8 years ago
- Chrome Logs Events and Protobuf Parser · ☆40 · Dec 13, 2022 · Updated 3 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders · ☆960 · Oct 5, 2023 · Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework. · ☆97 · May 28, 2023 · Updated 2 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. · ☆107 · Nov 23, 2022 · Updated 3 years ago
- Simulates a compromise in a cloud and container environment · ☆33 · Dec 18, 2024 · Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm. · ☆207 · Jul 21, 2022 · Updated 3 years ago
- Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020 · ☆323 · Jan 22, 2021 · Updated 5 years ago
- Useful scripts, rules etc. for use with YARA · ☆27 · Feb 12, 2021 · Updated 5 years ago
- Resources for Students in the Practical Webapp Security and Testing course · ☆22 · Oct 15, 2025 · Updated 4 months ago
- Semantic analysis with neural networks · ☆10 · Feb 18, 2021 · Updated 4 years ago
- This repository hosts community contributed Kestrel analytics · ☆18 · May 28, 2024 · Updated last year
- This is a collection of threat detection rules / rules engines that I have come across. · ☆296 · May 5, 2024 · Updated last year
- Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts… · ☆1,073 · Nov 25, 2025 · Updated 2 months ago
- You didn't think I'd go and leave the blue team out, right? · ☆1,729 · Jan 5, 2026 · Updated last month
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… · ☆1,634 · Updated this week
- Reads and prints information from the website MalAPI.io · ☆20 · Jul 14, 2022 · Updated 3 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information. · ☆22 · Oct 31, 2018 · Updated 7 years ago
- Detecting Cobalt Strike Team Servers on targets through traffic telemetry. · ☆22 · Aug 13, 2024 · Updated last year
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… · ☆59 · Jun 24, 2025 · Updated 7 months ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing · ☆41 · Feb 2, 2026 · Updated 2 weeks ago
- A modular OSINT honeypot for blue teamers · ☆342 · May 2, 2023 · Updated 2 years ago