Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs with caution.
☆39Apr 27, 2025Updated 10 months ago
Alternatives and similar repositories for blue-team
Users that are interested in blue-team are comparing it to the libraries listed below
Sorting:
- Automate Sysmon Deployment and Configuration☆20Jul 26, 2024Updated last year
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.☆27Dec 1, 2022Updated 3 years ago
- A powershell module that enhances the output of Write-Host, Write-Debug, Write-Verbose, Write-Information and Write-Warning☆12Feb 13, 2025Updated last year
- ☆14Jul 11, 2024Updated last year
- A PowerShell Logging Module that uses Classes to log to the console, log file, or the event viewer☆13Sep 13, 2018Updated 7 years ago
- Code snippets for Qiling Tutorials☆21Aug 22, 2020Updated 5 years ago
- Goose IT's Turbo Netscaler☆17Jul 11, 2024Updated last year
- PowerShell Script to apply ExchangeHealthChecker recommendations☆17Feb 11, 2025Updated last year
- ☆13Jun 26, 2022Updated 3 years ago
- Repository of Yara rules created by the Stratosphere team☆29Jul 8, 2021Updated 4 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- ☆20Mar 6, 2026Updated last week
- Custom ADMX template focused on hardening Windows 10 & Windows 11 systems☆93Updated this week
- A language independent(!) Powershell Script to remove orphaned AdminCounts on User objects in AD and enable ACL inheritance. Repair User …☆15Jul 17, 2025Updated 8 months ago
- The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cybe…☆44Sep 17, 2020Updated 5 years ago
- Display Exchange Server Health Status☆11Jan 5, 2023Updated 3 years ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- Collection Commander☆11Aug 23, 2018Updated 7 years ago
- All my PowerShell scripts☆12Jan 7, 2023Updated 3 years ago
- A tool to identify and remediate common misconfigurations in Active Directory Certificate Services☆18Jan 13, 2024Updated 2 years ago
- Script library for Managing Windows Server 2016 With PowerShell Cookbook☆33Sep 14, 2018Updated 7 years ago
- A small tool to unmap PE memory dumps.☆11Nov 9, 2023Updated 2 years ago
- Simplifies the implementation of Just Enough Administration by providing functions to convert Code, ScriptBlocks or Scripts into JEA role…☆32May 7, 2025Updated 10 months ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Aug 6, 2022Updated 3 years ago
- Restore window positions when displays are connected and disconnected☆18Dec 27, 2024Updated last year
- ☆16May 31, 2025Updated 9 months ago
- function identification signatures☆12Apr 26, 2021Updated 4 years ago
- Add or Remove Applications from / to Windows 10 Tasbar, Taskbar-Pinning, Pin, Unpin☆18Mar 25, 2018Updated 7 years ago
- Website crawler with YARA detection☆89Aug 20, 2023Updated 2 years ago
- Random hunting ordiented yara rules☆96Mar 27, 2023Updated 2 years ago
- Ida Pro plugin to aid in reverse engineering Rust binaries.☆19Dec 9, 2024Updated last year
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Powershell scripts for differnet topics☆17Mar 12, 2026Updated last week
- An IDA plugin to deobfuscate Pikabot's strings using RC4 and AES☆13Apr 8, 2024Updated last year
- Scripts that are suited for blue teams☆33Mar 17, 2016Updated 10 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆223May 1, 2021Updated 4 years ago
- Notes some analysis related to VidarStealer sample☆16May 5, 2024Updated last year