ryanmrestivo / blue-team
Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs with caution.
☆38Apr 27, 2025Updated 9 months ago
Alternatives and similar repositories for blue-team
Users that are interested in blue-team are comparing it to the libraries listed below
- Collection of FOSS/Freeware. Most tools here are portable, which can be useful for when you are out-and-about. Obviously dedicated lab …☆26Feb 2, 2026Updated 2 weeks ago
- Simple script to help you find all files that have been modified, accessed, and created in a time range.☆27Dec 1, 2022Updated 3 years ago
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- Repository of Yara rules created by the Stratosphere team☆29Jul 8, 2021Updated 4 years ago
- A powershell module that enhances the output of Write-Host, Write-Debug, Write-Verbose, Write-Information and Write-Warning☆12Feb 13, 2025Updated last year
- The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cybe…☆43Sep 17, 2020Updated 5 years ago
- A PowerShell Logging Module that uses Classes to log to the console, log file, or the event viewer☆13Sep 13, 2018Updated 7 years ago
- Simplifies the implementation of Just Enough Administration by providing functions to convert Code, ScriptBlocks or Scripts into JEA role…☆32May 7, 2025Updated 9 months ago
- Custom ADMX template focused on hardening Windows 10 & Windows 11 systems☆92Updated this week
- Collection Commander☆11Aug 23, 2018Updated 7 years ago
- ☆13Jun 26, 2022Updated 3 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Script library for Managing Windows Server 2016 With PowerShell Cookbook☆33Sep 14, 2018Updated 7 years ago
- Code snippets for Qiling Tutorials☆21Aug 22, 2020Updated 5 years ago
- Automate Sysmon Deployment and Configuration☆20Jul 26, 2024Updated last year
- Goose IT's Turbo Netscaler☆17Jul 11, 2024Updated last year
- ☆18Feb 2, 2026Updated 2 weeks ago
- Add or Remove Applications from / to Windows 10 Taskbar, Taskbar-Pinning, Pin, Unpin☆18Mar 25, 2018Updated 7 years ago
- A tool to identify and remediate common misconfigurations in Active Directory Certificate Services☆17Jan 13, 2024Updated 2 years ago
- Set up scripts for various OS'es☆26Jul 26, 2024Updated last year
- ☆16May 31, 2025Updated 8 months ago
- Simple powershell script to find living off land binaries and scripts on a system.☆22Aug 24, 2019Updated 6 years ago
- Collection of PowerShell functions and scripts a Blue Teamer might use☆88Oct 4, 2023Updated 2 years ago
- Three datasets to practice Threat Hunting against.☆46Jan 3, 2024Updated 2 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- PowerShell Script to apply ExchangeHealthChecker recommendations☆17Feb 11, 2025Updated last year
- Miscellaneous functions and utilities for System Administrators.☆22Jul 21, 2023Updated 2 years ago
- Scripts for My Visual Studio subscriber downloads file metadata dumps☆23Jan 29, 2026Updated 2 weeks ago
- Website crawler with YARA detection☆90Aug 20, 2023Updated 2 years ago
- This tool runs various tests against your WSUS & ConfigMgr environment, including WSUS, SQL & IIS, and provides feedback based on Microsoft…☆21Oct 26, 2023Updated 2 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆23Jan 31, 2024Updated 2 years ago
- Repository for uncategorized Windows 10 Scripts☆52May 5, 2022Updated 3 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆226May 1, 2021Updated 4 years ago
- Advanced Python HTTP reverse shell made for hacking competition purposes. I am not responsible for what you do with this tool.☆24Aug 14, 2023Updated 2 years ago
- A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.☆107Nov 23, 2022Updated 3 years ago
- Carbon Black Response IR tool☆55Dec 10, 2020Updated 5 years ago
- Random hunting oriented yara rules☆96Mar 27, 2023Updated 2 years ago
- ClassicPlates Plus is an addon that adds additional features and new Classic-themed visuals to nameplates.☆10Oct 21, 2025Updated 3 months ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.☆117Dec 13, 2023Updated 2 years ago