These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
☆1,753Feb 13, 2026Updated 2 weeks ago
Alternatives and similar repositories for IntroLabs
Users that are interested in IntroLabs are comparing it to the libraries listed below
Sorting:
- ☆2,388Oct 14, 2023Updated 2 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆11,617Feb 23, 2026Updated last week
- Practical Windows Forensics Training☆751Feb 16, 2026Updated 2 weeks ago
- ☆133Mar 10, 2021Updated 4 years ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,516Jan 12, 2026Updated last month
- Tools for simulating threats☆200Oct 27, 2023Updated 2 years ago
- links collected from SOC Core Skills class☆85Dec 17, 2020Updated 5 years ago
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.☆489Nov 21, 2024Updated last year
- Rapidly Search and Hunt through Windows Forensic Artefacts☆3,452Feb 14, 2026Updated 2 weeks ago
- Main Sigma Rule Repository☆10,145Feb 19, 2026Updated last week
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,802Sep 17, 2024Updated last year
- game of active directory☆7,484Jul 16, 2025Updated 7 months ago
- A repository of sysmon configuration modules☆2,980Aug 21, 2024Updated last year
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆299Feb 9, 2026Updated 2 weeks ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆179Jan 20, 2026Updated last month
- A Post-exploitation Toolset for Interacting with the Microsoft Graph API☆1,253Jul 22, 2025Updated 7 months ago
- Automate the creation of a lab environment complete with security tooling and logging best practices☆4,908Jul 6, 2024Updated last year
- Bloodhound Reporting for Blue and Purple Teams☆1,277Nov 15, 2025Updated 3 months ago
- A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…☆8,378Dec 23, 2025Updated 2 months ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,638Feb 22, 2026Updated last week
- Sysmon configuration file template with default high-quality event tracing☆5,401Jul 3, 2024Updated last year
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,445Updated this week
- You didn't think I'd go and leave the blue team out, right?☆1,732Jan 5, 2026Updated last month
- An Active Defense and EDR software to empower Blue Teams☆1,316Aug 10, 2023Updated 2 years ago
- Digging Deeper....☆3,784Updated this week
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,138Oct 19, 2025Updated 4 months ago
- Automated Adversary Emulation Platform☆6,761Feb 17, 2026Updated last week
- A Powershell incident response framework☆1,640Nov 22, 2022Updated 3 years ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆2,022Jul 11, 2024Updated last year
- TrustedSec Sysinternals Sysmon Community Guide☆1,372Feb 10, 2026Updated 2 weeks ago
- A collection of sources of documentation, as well as field best practices, to build/run a SOC☆1,631Feb 23, 2026Updated last week
- Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab☆2,257Apr 12, 2024Updated last year
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆150Feb 1, 2026Updated last month
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,549Feb 10, 2026Updated 2 weeks ago
- Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows…☆2,055Dec 11, 2024Updated last year
- Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensi…☆4,479Jan 10, 2025Updated last year
- Tools and Techniques for Blue Team / Incident Response☆3,942Mar 27, 2025Updated 11 months ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.☆3,037Updated this week
- Traps web spiders☆79Jun 24, 2020Updated 5 years ago