☆17Aug 27, 2022Updated 3 years ago
Alternatives and similar repositories for blue_team_con
Users that are interested in blue_team_con are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆38Mar 25, 2024Updated last year
- The Intelligent Process Lifecycle of Active Cyber Defenders☆33Jan 1, 2023Updated 3 years ago
- Azure AD Incident Response☆27Oct 8, 2021Updated 4 years ago
- Windows Syslog Command Line Client☆15Nov 21, 2012Updated 13 years ago
- MSTIC Notebook Components☆35Sep 4, 2025Updated 6 months ago
- Export Microsoft Sentinel artifacts like Analytical Rules, Hunting Queries, Workbooks in order to support new feature Repositories CI/CD …☆59Sep 15, 2022Updated 3 years ago
- This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework☆30Jan 7, 2026Updated 2 months ago
- INACTIVE - Experiment: A light-weight agent to get a port scan perspective into a useable place/format for security operations☆14Apr 10, 2023Updated 2 years ago
- Fetching data from system☆11Jun 18, 2017Updated 8 years ago
- A community event for security researchers to share their favorite notebooks☆108Feb 15, 2024Updated 2 years ago
- Reverse whois query tool☆11Jul 28, 2016Updated 9 years ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Apr 5, 2024Updated last year
- Elastic version of SOC prime watcher rules☆30Oct 14, 2024Updated last year
- ☆34Jun 13, 2023Updated 2 years ago
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- File indexer with semantic search, hybrid retrieval, and multi-step reasoning agents☆20Jan 17, 2026Updated 2 months ago
- SSH Ranking system! :D (re-write of ssh-fail-watcher)☆26Dec 20, 2014Updated 11 years ago
- EnumVolcano is an open source Bash script which is used to perform automated enumeration for privilege escalation. This tool is dedicated…☆23May 8, 2022Updated 3 years ago
- A collection of Scripts which disable / remove Windows 10 Features and Apps☆14Jun 8, 2025Updated 9 months ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Community driven python library, scripts, and other utilities for interacting with the Vectra API☆32Aug 13, 2025Updated 7 months ago
- An alarm callback plugin for executing a script on Graylog2's server.☆11Apr 23, 2016Updated 9 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Jan 31, 2022Updated 4 years ago
- Recordization library☆11Mar 11, 2026Updated last week
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆15Aug 15, 2022Updated 3 years ago
- ☆54May 14, 2024Updated last year
- Windows log and threat hunting with powershell☆16Dec 11, 2020Updated 5 years ago
- Unofficial. Splunk MCP server. Implemented in Python and TypeScript/JS. Runs searches, queries Splunk, and outputs data as JSON, CSV, or …☆29Jun 16, 2025Updated 9 months ago
- Codebase for VideoConviction, accepted at KDD 2025 (D&B Track)☆18Jan 22, 2026Updated 2 months ago
- Repository of Volatility3 plugins☆22Mar 22, 2023Updated 3 years ago
- Cloud threat detection visualization from excalidraw☆12Apr 25, 2022Updated 3 years ago
- Build and maintenance scripts for Container Linux☆14May 17, 2020Updated 5 years ago
- Azure Sentinel Template parser☆16Nov 2, 2020Updated 5 years ago
- ☆14Oct 24, 2024Updated last year
- This script will generate hashes (MD5, SHA1, SHA256), submit the MD5 to Virus Total, and produce a text file with the results.☆15Jul 13, 2023Updated 2 years ago
- Sentinel Threat Intelligence Upload Toolkit☆18Jul 15, 2024Updated last year
- ☆20Apr 10, 2025Updated 11 months ago
- A series of tutorials and sketches pulled from various sources and modified for the Thotcon 0xA conference badge.☆15May 3, 2019Updated 6 years ago