Collection of PowerShell functions and scripts a Blue Teamer might use
☆88 · Oct 4, 2023 · Updated 2 years ago
Alternatives and similar repositories for PowerShell-Blue-Team
Users interested in PowerShell-Blue-Team are comparing it to the repositories listed below.
- This repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommen… ☆51 · Sep 14, 2025 · Updated 5 months ago
- This is a site I made for easily hosting tools and payloads over apache2 on Kali Linux so they are always ready to go. These are a collect… ☆17 · Jun 3, 2022 · Updated 3 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 · Aug 26, 2024 · Updated last year
- PowerShell functions that can be used to help automate and troubleshoot Windows Updates ☆17 · Feb 19, 2026 · Updated last week
- Collection of PowerShell functions a Red Teamer may use in an engagement ☆547 · Dec 8, 2023 · Updated 2 years ago
- 🧰 Various PowerShell scripts for security, sysadmins, blue and red teams 👫🏼 ☆52 · Aug 28, 2025 · Updated 6 months ago
- Sharing Threat Hunting runbooks ☆25 · Jul 5, 2019 · Updated 6 years ago
- ATT&CK Remote Threat Hunting Incident Response ☆206 · Dec 8, 2024 · Updated last year
- A GC link parser for both linkfiles and jumplists. ☆18 · Oct 28, 2016 · Updated 9 years ago
- A collection of searches, interesting events and tables on CrowdStrike Splunk. ☆30 · Mar 2, 2021 · Updated 5 years ago
- The Infosec Community Definitive Guide to Jupyter Notebooks ☆131 · Oct 17, 2020 · Updated 5 years ago
- Repository for all cbapi example scripts ☆16 · Sep 18, 2018 · Updated 7 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆36 · Jul 11, 2023 · Updated 2 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. ☆32 · Jan 1, 2020 · Updated 6 years ago
- Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs… ☆39 · Apr 27, 2025 · Updated 10 months ago
- Incident response scripts ☆18 · Mar 4, 2019 · Updated 6 years ago
- Functions that can be used to gain reverse shells with PowerShell ☆83 · Sep 4, 2022 · Updated 3 years ago
- ☆34 · Apr 29, 2021 · Updated 4 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. ☆158 · Nov 30, 2021 · Updated 4 years ago
- ☆134 · Mar 21, 2024 · Updated last year
- Find your router's default password ☆14 · Apr 7, 2015 · Updated 10 years ago
- ☆24 · Mar 12, 2025 · Updated 11 months ago
- VirusTotal Free - IOC parser and report generator ☆25 · Mar 19, 2023 · Updated 2 years ago
- ☆49 · Dec 11, 2025 · Updated 2 months ago
- Items related to the RedELK workshop given at security conferences ☆29 · Sep 28, 2023 · Updated 2 years ago
- Transform EQL detection rules to VQL artifacts ☆12 · Nov 12, 2021 · Updated 4 years ago
- Mimikatz embedded as classes ☆28 · Oct 25, 2021 · Updated 4 years ago
- Bash script to prepare Debian machines for OSINT use ☆11 · Apr 10, 2020 · Updated 5 years ago
- A Docker lab integrating Splunk SIEM with Ollama LLM via Model Context Protocol for AI-powered security operations. Features Promptfoo e… ☆18 · Aug 17, 2025 · Updated 6 months ago
- ☆10 · Nov 21, 2023 · Updated 2 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 · Feb 6, 2025 · Updated last year
- A utility to force DNS queries over DoH via the Cloudflare API when a DNS block is in place ☆10 · Aug 26, 2018 · Updated 7 years ago
- Here are some tools I developed to help analyze malware ☆11 · Nov 8, 2023 · Updated 2 years ago
- 2021 SANS DFIR Summit: Greppin' Logs ☆20 · Oct 30, 2025 · Updated 4 months ago
- Create alerts in TheHive from your Graylog alerts, to be turned into TheHive cases. ☆45 · Aug 17, 2020 · Updated 5 years ago
- Slides and other resources from my latest talks and presentations ☆24 · Sep 17, 2025 · Updated 5 months ago
- Presentation slides ☆26 · Jun 7, 2019 · Updated 6 years ago
- This script analyzes the DCSync output file from several tools (such as Mimikatz, secretsdump and SharpKatz) ☆66 · Mar 17, 2025 · Updated 11 months ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook. ☆252 · Jul 19, 2021 · Updated 4 years ago