Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs with caution.
☆39Apr 27, 2025Updated last year
Alternatives and similar repositories for blue-team
Users that are interested in blue-team are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Collection of FOSS/Freeware. Most tools here are portable, which can be useful for when you are out-and-about. Obviously dedicated lab …☆27May 7, 2026Updated last week
- Notes, red team materials, testing tools, etc.☆160Oct 18, 2024Updated last year
- A collection of curated YARA rules used as part of the Filescan.io service☆22Apr 15, 2026Updated last month
- Automate Sysmon Deployment and Configuration☆20Jul 26, 2024Updated last year
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Simple Script to Help You Find All Files Has Been Modified, Accessed, and Created In A Range Time.☆27Dec 1, 2022Updated 3 years ago
- A powershell module that enhances the output of Write-Host, Write-Debug, Write-Verbose, Write-Information and Write-Warning☆12Feb 13, 2025Updated last year
- A PowerShell Logging Module that uses Classes to log to the console, log file, or the event viewer☆13Sep 13, 2018Updated 7 years ago
- Code snippets for Qiling Tutorials☆21Aug 22, 2020Updated 5 years ago
- Collection of PowerShell functinos and scripts a Blue Teamer might use☆88Oct 4, 2023Updated 2 years ago
- Goose IT's Turbo Netscaler☆17Jul 11, 2024Updated last year
- PowerShell Script to apply ExchangeHealthChecker recommendations☆18Feb 11, 2025Updated last year
- Repository of Yara rules created by the Stratosphere team☆29Jul 8, 2021Updated 4 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Scripts and tools created for appx analysis talk (Magnet summit 2019)☆19Feb 26, 2024Updated 2 years ago
- Custom ADMX template focused on hardening Windows 10 & Windows 11 systems☆98Updated this week
- The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cybe…☆44Sep 17, 2020Updated 5 years ago
- A language independent(!) Powershell Script to remove orphaned AdminCounts on User objects in AD and enable ACL inheritance. Repair User …☆17Jul 17, 2025Updated 10 months ago
- Display Exchange Server Health Status☆11Jan 5, 2023Updated 3 years ago
- List of tools and references used by NU Cybersecurity students,☆15Feb 12, 2024Updated 2 years ago
- Collection Commander☆11Aug 23, 2018Updated 7 years ago
- All my PowerShell scripts☆12Jan 7, 2023Updated 3 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Aug 6, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Script library for Managing Windows Server 2016 With PowerShell Cookbook☆33Sep 14, 2018Updated 7 years ago
- A small tool to unmap PE memory dumps.☆11Nov 9, 2023Updated 2 years ago
- A tool to identify and remediate common misconfigurations in Active Directory Certificate Services☆18Jan 13, 2024Updated 2 years ago
- ☆16May 31, 2025Updated 11 months ago
- Restore window positions when displays are connected and disconnected☆18Dec 27, 2024Updated last year
- Carbon Black Response IR tool☆56Dec 10, 2020Updated 5 years ago
- function identification signatures☆12Apr 26, 2021Updated 5 years ago
- Add or Remove Applications from / to Windows 10 Tasbar, Taskbar-Pinning, Pin, Unpin☆18Mar 25, 2018Updated 8 years ago
- Website crawler with YARA detection☆90Aug 20, 2023Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Ida Pro plugin to aid in reverse engineering Rust binaries.☆19Dec 9, 2024Updated last year
- Random hunting ordiented yara rules☆96Mar 27, 2023Updated 3 years ago
- ☆18Apr 24, 2026Updated 3 weeks ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Powershell scripts for differnet topics☆17Apr 28, 2026Updated 3 weeks ago
- Scripts that are suited for blue teams☆33Mar 17, 2016Updated 10 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆226May 1, 2021Updated 5 years ago