soc-otter / BlueLinks
A collection of content for blue team professionals, designed to support both reactive and proactive cybersecurity measures of every aspect.
☆34Updated 2 months ago
Alternatives and similar repositories for Blue
Users that are interested in Blue are comparing it to the libraries listed below
Sorting:
- ☆163Updated 6 months ago
- ☆24Updated 10 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆91Updated last year
- Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks.☆129Updated 4 months ago
- An Infrastructure as code proof of concept to deploy a bare minimum AD environment in AWS.☆46Updated 3 months ago
- A collection of tools, scripts and personal research☆154Updated 2 weeks ago
- Baseline a Windows System against LOLBAS☆69Updated last year
- Azure Post Exploitation Framework☆242Updated last month
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆107Updated 9 months ago
- ☆161Updated 10 months ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Updated last year
- ☆176Updated last week
- Hybrid AD utilities for ROADtools☆102Updated 7 months ago
- BloodHound PowerShell client☆75Updated 2 weeks ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆168Updated 10 months ago
- Ludus range for the Constructing Defense Lab☆68Updated last month
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆308Updated 3 months ago
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆162Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆84Updated last year
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)☆205Updated last year
- Persist like a Dodder☆66Updated 7 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆181Updated 7 months ago
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.☆251Updated 3 months ago
- Decrypt SCCM and DPAPI secrets with Powershell.☆43Updated 6 months ago
- Retired TrustedSec Capabilities☆248Updated last year
- Parses Snaffler output file and generate beautified outputs.☆112Updated 11 months ago
- ☆182Updated last year
- Just some random Red Team Scripts that can be useful☆153Updated last year
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆127Updated last year
- ☆31Updated 2 months ago