soc-otter / BlueLinks
A collection of content for blue team professionals, designed to support both reactive and proactive cybersecurity measures of every aspect.
☆34, updated 2 weeks ago
Alternatives and similar repositories for Blue
Users that are interested in Blue are comparing it to the libraries listed below
- Audits an AppLocker policy XML and reports weak, misconfigured or risky settings, including actual ACL checks. ☆113, updated 2 months ago
- An infrastructure-as-code proof of concept to deploy a bare-minimum AD environment in AWS. ☆45, updated last month
- This repository is meant to catalog network and host artifacts associated with various EDR products' "shell" and response functionalities. ☆90, updated last year
- An offensive post-exploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c… ☆166, updated last year
- Modular cross-platform Microsoft Graph API (Entra, O365 and Intune) enumeration and exploitation toolkit. ☆157, updated 11 months ago
- Azure post-exploitation framework. ☆240, updated last week
- A collection of tools, scripts and personal research. ☆146, updated 3 months ago
- This repository contains a comprehensive test suite designed for evaluating the performance and resilience of Endpoint Detection and Respons… ☆61, updated last year
- Baseline a Windows system against LOLBAS. ☆68, updated last year
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env… ☆298, updated 2 months ago
- A fully undetectable ransomware that utilizes OneDrive and Google Drive to encrypt target local files. ☆127, updated last year
- Decrypt SCCM and DPAPI secrets with PowerShell. ☆41, updated 4 months ago
- BloodHound PowerShell client. ☆68, updated last month
- VeilTransfer is a data exfiltration utility designed to test and enhance detection capabilities. This tool simulates real-world data … ☆147, updated 3 months ago
- Interactive shell and command execution over named pipes (SMB) for fileless lateral movement. ☆177, updated 5 months ago
- Retired TrustedSec capabilities. ☆248, updated 11 months ago
- 🌩️ Collection of BloodHound queries for Azure. ☆78, updated 10 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers and red teamers. It pr… ☆107, updated 7 months ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(S). ☆199, updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on. ☆83, updated last year
- Advanced Domain Controller attack and credential analysis tool leveraging the DonPAPI database. ☆100, updated last week
- This script analyzes the DCSync output file from several tools (such as Mimikatz, secretsdump and SharpKatz). ☆64, updated 7 months ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows APIs. ☆95, updated 2 years ago