Skip to content

@Blue-infosec Blue-infosec

Change the repository type filter

All

    Repositories list

    1.5k repositories

    • WhoYouCalling

      Public
      Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
      C#
      MIT License
      11000Updated Oct 12, 2024Oct 12, 2024

    • EntraIdManagement

      Public
      Scripts designed to automate and assist administrators with managing Entra Id
      PowerShell
      MIT License
      4000Updated Oct 7, 2024Oct 7, 2024

    • secure-ml

      Public
      Explore ThalesGroup's comprehensive framework for secure machine learning systems on this repository. Developed by Thales experts, this framework encompasses essential security requirements, guidelines, tools, and privacy recommendations tailored specifically for machine learning applications.
      Other
      3000Updated Oct 7, 2024Oct 7, 2024

    • segugio

      Public
      Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracting the malware's final stage configuration.
      C#
      1000Updated Sep 21, 2024Sep 21, 2024

    • fibratus

      Public
      Adversary tradecraft detection, protection, and hunting
      Go
      Other
      189000Updated Sep 9, 2024Sep 9, 2024

    • tracecat

      Public
      The open source Tines / Splunk SOAR alternative.
      Python
      GNU Affero General Public License v3.0
      165000Updated Sep 9, 2024Sep 9, 2024

    • incidental

      Public
      An opensource incident management platform integrating with Slack.
      Python
      MIT License
      14000Updated Sep 7, 2024Sep 7, 2024

    • Respotter

      Public
      Respotter is a Responder honeypot! Catch attackers as soon as they spin up Responder in your environment.
      Python
      MIT License
      10000Updated Sep 5, 2024Sep 5, 2024

    • diana

      Public
      Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
      Python
      MIT License
      10000Updated Sep 4, 2024Sep 4, 2024

    • PANIX

      Public
      Customizable Linux Persistence Tool for Security Research and Detection Engineering.
      Shell
      MIT License
      40000Updated Sep 3, 2024Sep 3, 2024

    • VeilTransfer

      Public
      VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data exfiltration techniques used by advanced threat actors, allowing organizations to evaluate and improve their security posture.
      Go
      GNU General Public License v3.0
      12000Updated Aug 26, 2024Aug 26, 2024

    • HEG-3.0

      Public
      PowerShell
      MIT License
      1000Updated Aug 21, 2024Aug 21, 2024

    • Ransomware-Tool-Matrix

      Public
      A resource containing all the tools each ransomware gangs uses
      69000Updated Aug 19, 2024Aug 19, 2024

    • KQL-for-Everything

      Public
      KQL example queries for working in Azure
      MIT License
      5000Updated Aug 5, 2024Aug 5, 2024

    • windows_hardening1

      Public
      HardeningKitty and Windows Hardening Settings
      PowerShell
      MIT License
      310000Updated Aug 1, 2024Aug 1, 2024

    • FlowAnalyzer

      Public
      FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
      Jupyter Notebook
      MIT License
      9000Updated Jul 8, 2024Jul 8, 2024

    • sinon

      Public
      Automation tool for Windows Deception Host Burn-In
      Go
      Apache License 2.0
      8000Updated Jul 2, 2024Jul 2, 2024

    • Certiception

      Public
      An ADCS honeypot to catch attackers in your internal network.
      Jinja
      Apache License 2.0
      18000Updated Jun 27, 2024Jun 27, 2024

    • ConditionalAccessBaseline

      Public
      8000Updated Jun 26, 2024Jun 26, 2024

    • Kdrill

      Public
      Python tool to check rootkits in Windows kernel
      Python
      BSD 3-Clause "New" or "Revised" License
      18000Updated Jun 24, 2024Jun 24, 2024

    • netfetch

      Public
      Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads.
      Go
      MIT License
      25000Updated Jun 23, 2024Jun 23, 2024

    • IOC-Cartographer_TLP-CLEAR

      Public
      Python
      2000Updated Jun 5, 2024Jun 5, 2024

    • ELFieScanner

      Public
      A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by threat actors & those which have been incorporated into open-source user-mode rootkits.
      C++
      MIT License
      10000Updated May 13, 2024May 13, 2024

    • Microsoft-Analyzer-Suite

      Public
      A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
      PowerShell
      GNU General Public License v3.0
      35000Updated Apr 22, 2024Apr 22, 2024

    • Tier0-User-Management

      Public
      Maintain Tier 0 users. This script take care all Tier 0 users are in the correct OU or in the default user container and add the Kerberos Authentication policy to the user
      PowerShell
      8000Updated Apr 19, 2024Apr 19, 2024

    • coderex

      Public
      A tool that automates regex generation for the x86 and x86-64 instruction sets
      Python
      GNU Affero General Public License v3.0
      3000Updated Apr 18, 2024Apr 18, 2024

    • inspektor-gadget

      Public
      The eBPF tool and systems inspection framework for Kubernetes, containers and Linux hosts.
      C
      Apache License 2.0
      234000Updated Mar 29, 2024Mar 29, 2024

    • tracee

      Public
      Linux Runtime Security and Forensics using eBPF
      Go
      Apache License 2.0
      416000Updated Mar 29, 2024Mar 29, 2024

    • security-profiles-operator

      Public
      The Kubernetes Security Profiles Operator
      C
      Apache License 2.0
      107000Updated Mar 28, 2024Mar 28, 2024

    • attackgen

      Public
      AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details.
      Python
      GNU General Public License v3.0
      132000Updated Mar 28, 2024Mar 28, 2024