These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
☆1,761Feb 13, 2026Updated last month
Alternatives and similar repositories for IntroLabs
Users that are interested in IntroLabs are comparing it to the libraries listed below
Sorting:
- ☆70May 5, 2021Updated 4 years ago
- ☆2,390Oct 14, 2023Updated 2 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11,688Mar 13, 2026Updated last week
- ☆133Mar 10, 2021Updated 5 years ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,516Jan 12, 2026Updated 2 months ago
- links collected from SOC Core Skills class☆85Dec 17, 2020Updated 5 years ago
- Tools for simulating threats☆203Oct 27, 2023Updated 2 years ago
- Practical Windows Forensics Training☆754Feb 16, 2026Updated last month
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.☆488Nov 21, 2024Updated last year
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆180Jan 20, 2026Updated 2 months ago
- Main Sigma Rule Repository☆10,203Mar 15, 2026Updated last week
- A repository of sysmon configuration modules☆2,994Aug 21, 2024Updated last year
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆301Updated this week
- Rapidly Search and Hunt through Windows Forensic Artefacts☆3,476Mar 2, 2026Updated 3 weeks ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,807Sep 17, 2024Updated last year
- Bloodhound Reporting for Blue and Purple Teams☆1,281Nov 15, 2025Updated 4 months ago
- Automate the creation of a lab environment complete with security tooling and logging best practices☆4,921Jul 6, 2024Updated last year
- game of active directory☆7,581Mar 12, 2026Updated last week
- Sysmon configuration file template with default high-quality event tracing☆5,430Jul 3, 2024Updated last year
- A Post-exploitation Toolset for Interacting with the Microsoft Graph API☆1,261Jul 22, 2025Updated 8 months ago
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,438Updated this week
- An Active Defense and EDR software to empower Blue Teams☆1,315Aug 10, 2023Updated 2 years ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,661Mar 9, 2026Updated last week
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆151Mar 1, 2026Updated 3 weeks ago
- Digging Deeper....☆3,832Updated this week
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,141Oct 19, 2025Updated 5 months ago
- You didn't think I'd go and leave the blue team out, right?☆1,736Jan 5, 2026Updated 2 months ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,460Updated this week
- A Powershell incident response framework☆1,640Nov 22, 2022Updated 3 years ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆2,030Jul 11, 2024Updated last year
- Intro Labs Remastered☆35Mar 7, 2025Updated last year
- Automated Adversary Emulation Platform☆6,831Updated this week
- DDTTX Tabletop Trainings☆28Sep 23, 2021Updated 4 years ago
- Traps web spiders☆79Jun 24, 2020Updated 5 years ago
- A curated knowledge base to build, run and mature a SOC (including CSIRT).☆1,650Updated this week
- TrustedSec Sysinternals Sysmon Community Guide☆1,384Feb 10, 2026Updated last month
- Six Degrees of Domain Admin☆10,558Mar 2, 2026Updated 2 weeks ago
- Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensi…☆4,504Jan 10, 2025Updated last year
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…☆1,018Sep 8, 2025Updated 6 months ago