soc-otter / BlueLinks
A collection of content for blue team professionals, designed to support both reactive and proactive cybersecurity measures of every aspect.
☆34Updated last month
Alternatives and similar repositories for Blue
Users that are interested in Blue are comparing it to the libraries listed below
Sorting:
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆91Updated last year
- ☆24Updated 9 months ago
- ☆163Updated 5 months ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Updated last year
- Baseline a Windows System against LOLBAS☆69Updated last year
- An Infrastructure as code proof of concept to deploy a bare minimum AD environment in AWS.☆45Updated 2 months ago
- ☆162Updated 10 months ago
- Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks.☆122Updated 3 months ago
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes.☆251Updated 2 months ago
- ☆167Updated 4 months ago
- BloodHound PowerShell client☆74Updated 2 months ago
- Azure Post Exploitation Framework☆241Updated last month
- Decrypt SCCM and DPAPI secrets with Powershell.☆42Updated 5 months ago
- Ludus range for the Constructing Defense Lab☆66Updated 2 weeks ago
- Hybrid AD utilities for ROADtools☆98Updated 6 months ago
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆161Updated 11 months ago
- Persist like a Dodder☆66Updated 6 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆107Updated 8 months ago
- Python utility that generates "imageless" QR codes in various formats☆131Updated last year
- 🌩️ Collection of BloodHound queries for Azure☆78Updated 10 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆164Updated 10 months ago
- ☆182Updated 11 months ago
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…☆91Updated 3 months ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆86Updated 3 weeks ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆127Updated last year
- Parses Snaffler output file and generate beautified outputs.☆110Updated 10 months ago
- This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim …☆178Updated 2 months ago
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …☆148Updated 4 months ago
- Malware As A Service☆135Updated last year
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆43Updated 10 months ago