ufsitblue / blue
UFSIT scripts and tools for hardening and auditing
☆14, updated last month
Alternatives and similar repositories for blue
Users that are interested in blue are comparing it to the libraries listed below
- A public repository of MITRE ATT&CK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs. (☆25, updated 3 months ago)
- This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Respons… (☆54, updated 8 months ago)
- ☆81, updated 7 months ago
- A simple tool designed to create Atomic Red Team tests with ease. (☆44, updated 3 months ago)
- This is a simulation of an attack by the Fancy Bear group (APT28) targeting high-ranking government officials in Western Asia and Eastern Europe. (☆34, updated last year)
- ☆37, updated last year
- ☆12, updated last year
- Create a "simulated internet" cyber range environment. (☆17, updated last month)
- Modular framework for automating triaging, malware analysis, and analyst workflows. (☆41, updated last month)
- Vibe Malware Triage - MCP server for static PE analysis. (☆63, updated last month)
- BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self-assessment. (☆37, updated 5 months ago)
- Work-in-progress experiments with reverse shells, AV bypass and extraction of secrets from memory in C. (☆39, updated 5 years ago)
- APT hub. It helps researchers collect information and data on the latest APT activities. It collects data on APT profiles, IOCs (1 yr), a… (☆51, updated 3 months ago)
- IDA Python scripts. (☆37, updated 2 months ago)
- Contains compiled binaries of Volatility. (☆33, updated last month)
- Lena's scripts/code/resources for malware analysis. (☆27, updated last year)
- This repository is meant to catalog network and host artifacts associated with various EDR products' "shell" and response functionalities. (☆80, updated 9 months ago)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them. (☆33, updated last month)
- These FLARE-VM configuration files are designed to help set up a purpose-built installation, remove unnecessary packages to help stream… (☆14, updated last year)
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender by isolating malicious content. (☆19, updated 5 months ago)
- All kinds of tiny shells. (☆58, updated 2 years ago)
- Freyja is a Golang Purple Team agent that compiles into Windows, Linux and macOS x64 executables. (☆58, updated 7 months ago)
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team. (☆41, updated 5 months ago)
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis … (☆36, updated 4 months ago)
- Ludus is a system to build easy-to-use cyber environments, or "ranges", for testing and development. (☆38, updated last year)
- Quick ESXi Log Parser. (☆21, updated 5 months ago)
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS. (☆38, updated 3 years ago)
- BloodHound agent for Mythic. (☆20, updated 2 months ago)
- ☆27, updated 7 months ago
- DLL Malware for Signal Desktop. Now utilizes missing dbghelp.dll since Signal patched cryptbase. (☆14, updated 5 months ago)