Blue-infosec

All

1.5k repositories

WhoYouCalling
Public
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
C#
•
MIT License
•12•0•0•0•Updated Oct 12, 2024Oct 12, 2024
EntraIdManagement
Public
Scripts designed to automate and assist administrators with managing Entra Id
PowerShell
•
MIT License
•4•0•0•0•Updated Oct 7, 2024Oct 7, 2024
secure-ml
Public
Explore ThalesGroup's comprehensive framework for secure machine learning systems on this repository. Developed by Thales experts, this framework encompasses essential security requirements, guidelines, tools, and privacy recommendations tailored specifically for machine learning applications.
Other
•5•0•0•0•Updated Oct 7, 2024Oct 7, 2024
venator
Public
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
Go
•
MIT License
•18•0•0•0•Updated Oct 1, 2024Oct 1, 2024
segugio
Public
Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracting the malware's final stage configuration.
C#
•2•0•0•0•Updated Sep 21, 2024Sep 21, 2024
fibratus
Public
Adversary tradecraft detection, protection, and hunting
Go
•
Other
•190•0•0•0•Updated Sep 9, 2024Sep 9, 2024
tracecat
Public
The open source Tines / Splunk SOAR alternative.
Python
•
GNU Affero General Public License v3.0
•171•0•0•0•Updated Sep 9, 2024Sep 9, 2024
incidental
Public
An opensource incident management platform integrating with Slack.
Python
•
MIT License
•15•0•0•0•Updated Sep 7, 2024Sep 7, 2024
Respotter
Public
Respotter is a Responder honeypot! Catch attackers as soon as they spin up Responder in your environment.
Python
•
MIT License
•10•0•0•0•Updated Sep 5, 2024Sep 5, 2024
diana
Public
Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
Python
•
MIT License
•17•0•0•0•Updated Sep 4, 2024Sep 4, 2024
PANIX
Public
Customizable Linux Persistence Tool for Security Research and Detection Engineering.
Shell
•
MIT License
•42•0•0•0•Updated Sep 3, 2024Sep 3, 2024
VeilTransfer
Public
VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data exfiltration techniques used by advanced threat actors, allowing organizations to evaluate and improve their security posture.
Go
•
GNU General Public License v3.0
•12•0•0•0•Updated Aug 26, 2024Aug 26, 2024
HEG-3.0
Public
PowerShell
•
MIT License
•1•0•0•0•Updated Aug 21, 2024Aug 21, 2024
Ransomware-Tool-Matrix
Public
A resource containing all the tools each ransomware gangs uses
80•0•0•0•Updated Aug 19, 2024Aug 19, 2024
KQL-for-Everything
Public
KQL example queries for working in Azure
MIT License
•5•0•0•0•Updated Aug 5, 2024Aug 5, 2024
windows_hardening1
Public
HardeningKitty and Windows Hardening Settings
PowerShell
•
MIT License
•314•0•0•0•Updated Aug 1, 2024Aug 1, 2024
FlowAnalyzer
Public
FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
Jupyter Notebook
•
MIT License
•10•0•0•0•Updated Jul 8, 2024Jul 8, 2024
sinon
Public
Automation tool for Windows Deception Host Burn-In
Go
•
Apache License 2.0
•8•0•0•0•Updated Jul 2, 2024Jul 2, 2024
Certiception
Public
An ADCS honeypot to catch attackers in your internal network.
Jinja
•
Apache License 2.0
•18•0•0•0•Updated Jun 27, 2024Jun 27, 2024
ConditionalAccessBaseline
Public
8•0•0•0•Updated Jun 26, 2024Jun 26, 2024
Kdrill
Public
Python tool to check rootkits in Windows kernel
Python
•
BSD 3-Clause "New" or "Revised" License
•20•0•0•0•Updated Jun 24, 2024Jun 24, 2024
netfetch
Public
Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.
Go
•
MIT License
•25•0•0•0•Updated Jun 23, 2024Jun 23, 2024
IOC-Cartographer_TLP-CLEAR
Public
Python
•2•0•0•0•Updated Jun 5, 2024Jun 5, 2024
ELFieScanner
Public
A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by threat actors & those which have been incorporated into open-source user-mode rootkits.
C++
•
MIT License
•11•0•0•0•Updated May 13, 2024May 13, 2024
Microsoft-Analyzer-Suite
Public
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
PowerShell
•
GNU General Public License v3.0
•38•0•0•0•Updated Apr 22, 2024Apr 22, 2024
Tier0-User-Management
Public
Maintain Tier 0 users. This script take care all Tier 0 users are in the correct OU or in the default user container and add the Kerberos Authentication policy to the user
PowerShell
•9•0•0•0•Updated Apr 19, 2024Apr 19, 2024
coderex
Public
A tool that automates regex generation for the x86 and x86-64 instruction sets
Python
•
GNU Affero General Public License v3.0
•3•0•0•0•Updated Apr 18, 2024Apr 18, 2024
inspektor-gadget
Public
The eBPF tool and systems inspection framework for Kubernetes, containers and Linux hosts.
C
•
Apache License 2.0
•245•0•0•0•Updated Mar 29, 2024Mar 29, 2024
tracee
Public
Linux Runtime Security and Forensics using eBPF
Go
•
Apache License 2.0
•418•0•0•0•Updated Mar 29, 2024Mar 29, 2024
security-profiles-operator
Public
The Kubernetes Security Profiles Operator
C
•
Apache License 2.0
•107•0•0•0•Updated Mar 28, 2024Mar 28, 2024