soc-otter / BlueLinks
A collection of content for blue team professionals, designed to support both reactive and proactive cybersecurity measures of every aspect.
☆33Updated 3 months ago
Alternatives and similar repositories for Blue
Users that are interested in Blue are comparing it to the libraries listed below
Sorting:
- ☆24Updated 11 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆92Updated last year
- ☆164Updated 7 months ago
- A collection of tools, scripts and personal research☆155Updated last month
- An Infrastructure as code proof of concept to deploy a bare minimum AD environment in AWS.☆46Updated 4 months ago
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …☆153Updated last month
- Baseline a Windows System against LOLBAS☆70Updated this week
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆37Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Updated last year
- Ludus range for the Constructing Defense Lab☆72Updated 2 months ago
- Persist like a Dodder☆67Updated 8 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆106Updated 10 months ago
- This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Respons…☆63Updated last year
- ☆160Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆84Updated last year
- 🌩️ Collection of BloodHound queries for Azure☆82Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆181Updated 8 months ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆128Updated last year
- Azure Post Exploitation Framework☆244Updated 3 months ago
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.☆257Updated 4 months ago
- Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks.☆142Updated 5 months ago
- ☆184Updated last year
- Hybrid AD utilities for ROADtools☆106Updated 8 months ago
- ☆186Updated last month
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆165Updated last year
- Parses Snaffler output file and generate beautified outputs.☆132Updated last month
- SafeCrypt is an academic ransomware simulation suite developed for Red Team engagements. It demonstrates modern malware techniques includ…☆32Updated 4 months ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆44Updated last year
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…☆91Updated 6 months ago
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆36Updated last year