A collection of content for blue team professionals, designed to support both reactive and proactive cybersecurity measures of every aspect.
☆33Oct 24, 2025Updated 5 months ago
Alternatives and similar repositories for Blue
Users that are interested in Blue are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ETW forensic tool for Volatility3 plugin☆17Nov 15, 2024Updated last year
- ☆12Jul 15, 2022Updated 3 years ago
- Microsoft-Defender-for-IoT☆14May 26, 2025Updated 10 months ago
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆17Jan 28, 2026Updated 2 months ago
- Generate Volatility3 profiles from BTF.☆31Dec 21, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Repo to hold my PowerShell Scripts☆17Oct 19, 2022Updated 3 years ago
- With zero dependencies, NetCredz extracts credentials from pcap files or live traffic, supporting NTLM, LDAP, HTTP, SMTP, SNMP, Telnet, F…☆78Dec 2, 2024Updated last year
- SATO is a PowerShell tool focuses on providing flexible, multi-grant type support for obtaining, managing, and analyzing Azure tokens.☆22Nov 24, 2025Updated 4 months ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆13Oct 27, 2023Updated 2 years ago
- Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates…☆67Oct 20, 2025Updated 5 months ago
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for…☆18Aug 13, 2025Updated 7 months ago
- Awesome list of custom content filters for Brave☆27Aug 27, 2025Updated 7 months ago
- Token impersonation in PowerShell to execute under the context of another user.☆24Oct 14, 2025Updated 5 months ago
- bring your own clean ntdll (or other MS dlls)☆29Jul 14, 2025Updated 8 months ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- TOCFL word-list CSV file generator☆15Nov 21, 2024Updated last year
- Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.☆231Mar 13, 2026Updated 2 weeks ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆27Apr 21, 2025Updated 11 months ago
- A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret…☆48Mar 5, 2026Updated 3 weeks ago
- ☆16Sep 5, 2024Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆56Jul 2, 2023Updated 2 years ago
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC☆67Mar 23, 2026Updated last week
- A curated list of Hardware Hacking resources☆12Apr 14, 2020Updated 5 years ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Paypal Payments PHP Integration☆11Dec 17, 2018Updated 7 years ago
- Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privil…☆99Feb 25, 2026Updated last month
- ☆10Jul 1, 2023Updated 2 years ago
- An open framework for computer-enabled insider threat investigations. Contribute today!☆28Mar 18, 2026Updated last week
- Dump Linux keyrings☆24Jul 15, 2024Updated last year
- A simple apple crash report parser for rust☆26Updated this week
- ☆13Dec 10, 2020Updated 5 years ago
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.�☆96Dec 29, 2025Updated 3 months ago
- A tiny tool built to help AD Admins tame the Protected Users group.☆140Mar 22, 2026Updated last week
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- A Golang CLI for the MITRE ATT&CK Framework☆14Apr 28, 2025Updated 11 months ago
- ☆34Jun 13, 2023Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆91Sep 9, 2022Updated 3 years ago
- Precompiled binaries for various projects☆13Nov 6, 2020Updated 5 years ago
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆63Mar 11, 2026Updated 2 weeks ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…☆74Jun 28, 2021Updated 4 years ago