Jupyter Notebooks for the Blue Team
☆145; Mar 21, 2025; updated 11 months ago
Alternatives and similar repositories for blue-jupyter
Users interested in blue-jupyter are comparing it to the repositories listed below.
- Labs for Practical Malware Analysis & Triage (☆1,084; Feb 23, 2026; updated 2 weeks ago)
- Azure AD Incident Response (☆27; Oct 8, 2021; updated 4 years ago)
- A public repository of MITRE ATT&CK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs. (☆27; Mar 20, 2025; updated 11 months ago)
- Jupyter Notebooks for the Blue Team (☆39; Jan 16, 2025; updated last year)
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses. (☆21; Sep 30, 2022; updated 3 years ago)
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop… (☆26; Jun 30, 2021; updated 4 years ago)
- Forensics triage tool relying on Volatility and Foremost (☆25; Dec 3, 2023; updated 2 years ago)
- Linux Baseline and Forensic Triage Tool - BETA (☆57; Sep 8, 2022; updated 3 years ago)
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of … (☆198; Jan 6, 2026; updated 2 months ago)
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations. (☆341; Dec 3, 2025; updated 3 months ago)
- Just Another broken Registry Parser (JARP) (☆16; May 23, 2024; updated last year)
- Project based on RegRipper, to extract additional value/pivot points from TLN events file (☆89; Feb 9, 2025; updated last year)
- Practical Windows Forensics Training (☆749; Feb 16, 2026; updated 3 weeks ago)
- CSIRT Jump Bag (☆27; Apr 25, 2024; updated last year)
- Homographs: brutefind homographs within a font (☆19; Apr 21, 2017; updated 8 years ago)
- Chrome Logs Events and Protobuf Parser (☆39; Dec 13, 2022; updated 3 years ago)
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (☆97; May 28, 2023; updated 2 years ago)
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders (☆1,061; Oct 5, 2023; updated 2 years ago)
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career. (☆107; Nov 23, 2022; updated 3 years ago)
- Simulates a compromise in a cloud and container environment (☆34; Dec 18, 2024; updated last year)
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm. (☆208; Jul 21, 2022; updated 3 years ago)
- Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020 (☆323; Jan 22, 2021; updated 5 years ago)
- This repository hosts community contributed Kestrel analytics (☆18; May 28, 2024; updated last year)
- Semantic analysis with neural networks (☆10; Feb 18, 2021; updated 5 years ago)
- Useful scripts, rules etc. for use with YARA (☆27; Feb 12, 2021; updated 5 years ago)
- This is a collection of threat detection rules / rules engines that I have come across. (☆296; May 5, 2024; updated last year)
- Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts… (☆1,085; Feb 25, 2026; updated last week)
- You didn't think I'd go and leave the blue team out, right? (☆1,734; Jan 5, 2026; updated 2 months ago)
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… (☆1,642; Feb 27, 2026; updated last week)
- Reads and prints information from the website MalAPI.io (☆20; Jul 14, 2022; updated 3 years ago)
- Detecting Cobalt Strike Team Servers on targets through traffic telemetry. (☆22; Aug 13, 2024; updated last year)
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing (☆41; Feb 28, 2026; updated last week)
- A modular OSINT honeypot for blue teamers (☆342; May 2, 2023; updated 2 years ago)
- Automatically create YARA rules from malicious documents. (☆211; May 16, 2022; updated 3 years ago)
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… (☆59; Jun 24, 2025; updated 8 months ago)
- Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack (☆180; Jul 6, 2021; updated 4 years ago)
- Notion as a platform for offensive operations (☆1,178; May 21, 2023; updated 2 years ago)