ryanmrestivo/blue-team external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ryanmrestivo/blue-team

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ryanmrestivo/blue-team)

Close

ryanmrestivo / blue-teamView on GitHubMore

• External links
• Readme badge

Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs with caution.

☆39Apr 27, 2025Updated 11 months ago

Alternatives and similar repositories for blue-team

Users that are interested in blue-team are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• filescanio / fsYara

  View on GitHub
  A collection of curated YARA rules used as part of the Filescan.io service
  ☆22Mar 27, 2026Updated last week
• sisoma2 / malware_analysis

  View on GitHub
  Scripts, Yara rules and other files developed during malware investigations
  ☆27Aug 19, 2022Updated 3 years ago
• 3gbCyber / IR-Last-Write-Time

  View on GitHub
  Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.
  ☆27Dec 1, 2022Updated 3 years ago
• Sarafian / XWrite

  View on GitHub
  A powershell module that enhances the output of Write-Host, Write-Debug, Write-Verbose, Write-Information and Write-Warning
  ☆12Feb 13, 2025Updated last year
• PsychoData / Onedrive-Client

  View on GitHub
  ☆14Jul 11, 2024Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• MSAdministrator / PSLogging

  View on GitHub
  A PowerShell Logging Module that uses Classes to log to the console, log file, or the event viewer
  ☆13Sep 13, 2018Updated 7 years ago
• n1ght-w0lf / QilingForMalwareAnalysis

  View on GitHub
  Code snippets for Qiling Tutorials
  ☆21Aug 22, 2020Updated 5 years ago
• tobor88 / PowerShell-Blue-Team

  View on GitHub
  Collection of PowerShell functinos and scripts a Blue Teamer might use
  ☆88Oct 4, 2023Updated 2 years ago
• LooseDevGoose / TurboADC

  View on GitHub
  Goose IT's Turbo Netscaler
  ☆17Jul 11, 2024Updated last year
• FrankysWeb / Apply-ExchangeHealthChecker-Recommendations

  View on GitHub
  PowerShell Script to apply ExchangeHealthChecker recommendations
  ☆18Feb 11, 2025Updated last year
• juaromu / chainsaw

  View on GitHub
  ☆13Jun 26, 2022Updated 3 years ago
• ydkhatri / Appx-Analysis

  View on GitHub
  Scripts and tools created for appx analysis talk (Magnet summit 2019)
  ☆19Feb 26, 2024Updated 2 years ago
• Harvester57 / Security-ADMX

  View on GitHub
  Custom ADMX template focused on hardening Windows 10 & Windows 11 systems
  ☆96Apr 1, 2026Updated last week
• PyroTek3 / ActiveDirectory

  View on GitHub
  ☆24Mar 6, 2026Updated last month
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• CCXLabs / CCXDigger

  View on GitHub
  The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cybe…
  ☆44Sep 17, 2020Updated 5 years ago
• FrankysWeb / Get-ExchangeStatus

  View on GitHub
  Display Exchange Server Health Status
  ☆11Jan 5, 2023Updated 3 years ago
• rzander / cmcollctr

  View on GitHub
  Collection Commander
  ☆11Aug 23, 2018Updated 7 years ago
• doctordns / PowerShellCookbook

  View on GitHub
  Script library for Managing Windows Server 2016 With PowerShell Cookbook
  ☆33Sep 14, 2018Updated 7 years ago
• techspence / Locksmith

  View on GitHub
  A tool to identify and remediate common misconfigurations in Active Directory Certificate Services
  ☆18Jan 13, 2024Updated 2 years ago
• RomaissaAdjailia / Get-AppLockerEventlog

  View on GitHub
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Aug 6, 2022Updated 3 years ago
• Crozzers / RestoreWindowPos

  View on GitHub
  Restore window positions when displays are connected and disconnected
  ☆18Dec 27, 2024Updated last year
• FriedrichWeinmann / string

  View on GitHub
  ☆16May 31, 2025Updated 10 months ago
• lawiet47 / autoresponder

  View on GitHub
  Carbon Black Response IR tool
  ☆56Dec 10, 2020Updated 5 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• ninoseki / uzen

  View on GitHub
  Website crawler with YARA detection
  ☆89Aug 20, 2023Updated 2 years ago
• RobbeBryssinck / rust_reverser_helper

  View on GitHub
  Ida Pro plugin to aid in reverse engineering Rust binaries.
  ☆19Dec 9, 2024Updated last year
• sbousseaden / YaraHunts

  View on GitHub
  Random hunting ordiented yara rules
  ☆96Mar 27, 2023Updated 3 years ago
• vadim-hunter / Detection-Ideas-Rules

  View on GitHub
  Detection Ideas & Rules repository.
  ☆178Sep 10, 2021Updated 4 years ago
• ThreatLabz / pikabot-deobfuscator

  View on GitHub
  An IDA plugin to deobfuscate Pikabot's strings using RC4 and AES
  ☆13Apr 8, 2024Updated 2 years ago
• Koetzing / Powershell-Scripts

  View on GitHub
  Powershell scripts for differnet topics
  ☆17Mar 12, 2026Updated 3 weeks ago
• ion-storm / sysmon-edr

  View on GitHub
  Sysmon EDR POC Build within Powershell to prove ability.
  ☆223May 1, 2021Updated 4 years ago
• lapolis / palinka_c2

  View on GitHub
  Just another useless C2 occupying space in some HDD somewhere.
  ☆22Jul 4, 2023Updated 2 years ago
• Jannos-443 / PRTG-VMware-Snapshot

  View on GitHub
  PRTG VMware Snapshot Monitoring
  ☆15Apr 23, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• advanced-threat-research / Yara-Rules

  View on GitHub
  Repository of YARA rules made by Trellix ATR Team
  ☆627Mar 18, 2025Updated last year
• ElvisBlue / emotet-deobfuscator

  View on GitHub
  IDA plugin to deobfuscate emotet CFF
  ☆18Apr 26, 2022Updated 3 years ago
• TechDufus / AdminToolkit

  View on GitHub
  Miscellaneous functions and utilities for System Administrators.
  ☆22Jul 21, 2023Updated 2 years ago
• PatchMyPCTeam / MEM-Patching-Optimizer

  View on GitHub
  This tool run various tests against your WSUS & ConfigMgr environment, Including WSUS, SQL & IIS and provide feedback based on Microsoft…
  ☆21Oct 26, 2023Updated 2 years ago
• simeononsecurity / setup-scripts

  View on GitHub
  Set up scripts for various OS'es
  ☆26Jul 26, 2024Updated last year
• telekom-security / malware_analysis

  View on GitHub
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆121Mar 4, 2026Updated last month
• stuxnet999 / EventTranscriptParser

  View on GitHub
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆68Sep 13, 2023Updated 2 years ago