Repository navigation

purpleteam

Website
Wikipedia

LOLBAS-Project / LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

lolbins redteam blueteam purpleteam dfir living-off-the-land

XSLT

7465

1032

4 天前

LasCC / HackTools

The all-in-one browser extension for offensive security professionals 🛠

reverse-shell Hacking hack-tools Chrome 插件 Firefox 插件 hacktools payloads xss-payloads hack msfvenom metasploit hackbar cheatsheet purpleteam redteam Bug Bounty

TypeScript

6042

677

3 个月前

api0cradle / UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

applocker bypass rules redteam blueteam purpleteam

PowerShell

1966

360

2 年前

api0cradle / LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

lolbins redteam blueteam purpleteam dfir living-off-the-land

XSLT

1603

349

6 年前

cyb3rxp / awesome-soc

A collection of sources of documentation, as well as field best practices, to build/run a SOC

cert detection soc siem soa soar tip architecture incident-response management mitre-attack purpleteam risk-management ttp

1364

222

2 个月前

ahmedkhlief / APT-Hunter

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

threat-hunting purpleteam Python windows-eventlog apt-attacks incident-response forensic-analysis windows-event-logs

Python

1329

243

5 个月前

PlumHound / PlumHound

Bloodhound Reporting for Blue and Purple Teams

active directory blueteam purpleteam bloodhound bloodhoundad Cybersecurity active-directory bloodhoundad-cypher-queries purple-teams Neo4j attack-paths activedirectory redteam reporting-tool penetration-testing

Python

1176

116

2 个月前

FalconForceTeam / FalconFriday

Hunting queries and detections

kql blueteam hunting purpleteam sentinel defender-for-endpoint

785

3 个月前

scythe-io / purple-team-exercise-framework

Purple Team Exercise Framework

purpleteam redteam blueteam

696

107

1 年前

bluecapesecurity / PWF

Practical Windows Forensics Training

Cybersecurity forensics blueteam purpleteam

PowerShell

656

124

1 年前

ch33r10 / EnterprisePurpleTeaming

Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.

adversary adversary-emulation adversary-simulation purpleteam purple-team red-team redteam

649

2 年前

iknowjason / PurpleCloud

A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4

Azure pentest purpleteam siem dfir dfir-automation

Python

564

1 个月前

idnahacks / GoodHound

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

active-directory activedirectory bloodhound Neo4j Python blueteam redteam purpleteam Cybersecurity

Python

460

9 个月前

PaperMtn / slack-watchman

Slack enumeration and exposed secrets detection tool

blueteam blue-team Cybersecurity Slack 工具 redteam red-team purpleteam purple-team slack-api 监控

Python

374

4 个月前

DefensiveOrigins / AtomicPurpleTeam

Atomic Purple Team Framework and Lifecycle

purpleteam hunting attack attack-defense attack-detection lifecycle famework

294

4 年前

cr0nx / awesome-linux-attack-forensics-purplelabs

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

attack-defense blueteam detection dfir injection Linux purpleteam redteam rootkit

281

2 年前

Ziconius / FudgeC2

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

PowerShell 安全 command-and-control c2 Python redteam readteaming purpleteam implant Cybersecurity offensive-security post-exploitation

Python

252

2 年前

AnLoMinus / Diablo

Diablo ~ Hacking / Pentesting & Reporting

diablo Hacking pentesting reporting scanning blueteam purpleteam redteam reporter portscan portscanner

Shell

217

2 年前

Viralmaniar / Remote-Desktop-Caching-

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

blueteam redteam Hacking internal-pentest penetration-testing redteaming forensics forensics-investigations forensic-analysis infrastructure-monitoring blue-team hacking-tools purpleteam

Python

215

7 年前

PaperMtn / gitlab-watchman

Finding exposed secrets and personal data in GitLab

blueteam blue-team Cybersecurity GitLab 工具 redteam red-team purpleteam purple-team gitlab-api 监控 dlp data-loss-prevention

Python

197

5 个月前