Repository navigation

purpleteam

Website
Wikipedia

LOLBAS-Project / LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

lolbins redteam blueteam purpleteam dfir living-off-the-land

XSLT

7856

1076

1 个月前

LasCC / HackTools

The all-in-one browser extension for offensive security professionals 🛠

reverse-shell Hacking hack-tools Chrome 插件 Firefox 插件 hacktools payloads xss-payloads hack msfvenom metasploit hackbar cheatsheet purpleteam redteam Bug Bounty

TypeScript

6232

691

7 个月前

api0cradle / UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

applocker bypass rules redteam blueteam purpleteam

PowerShell

2010

366

2 年前

api0cradle / LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

lolbins redteam blueteam purpleteam dfir living-off-the-land

XSLT

1614

352

7 年前

cyb3rxp / awesome-soc

A collection of sources of documentation, as well as field best practices, to build/run a SOC

cert detection soc siem soa soar tip architecture incident-response management mitre-attack purpleteam risk-management ttp

1475

237

15 天前

ahmedkhlief / APT-Hunter

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

threat-hunting purpleteam Python windows-eventlog apt-attacks incident-response forensic-analysis windows-event-logs

Python

1366

243

9 个月前

PlumHound / PlumHound

Bloodhound Reporting for Blue and Purple Teams

active directory blueteam purpleteam bloodhound bloodhoundad Cybersecurity active-directory bloodhoundad-cypher-queries purple-teams Neo4j attack-paths activedirectory redteam reporting-tool penetration-testing

Python

1220

122

6 个月前

FalconForceTeam / FalconFriday

Hunting queries and detections

kql blueteam hunting purpleteam sentinel defender-for-endpoint

826

102

7 个月前

scythe-io / purple-team-exercise-framework

Purple Team Exercise Framework

purpleteam redteam blueteam

728

117

2 年前

bluecapesecurity / PWF

Practical Windows Forensics Training

Cybersecurity forensics blueteam purpleteam

PowerShell

682

130

1 年前

ch33r10 / EnterprisePurpleTeaming

Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.

adversary adversary-emulation adversary-simulation purpleteam purple-team red-team redteam

663

101

2 年前

iknowjason / PurpleCloud

A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4

Azure pentest purpleteam siem dfir dfir-automation

Python

586

102

5 个月前

idnahacks / GoodHound

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

active-directory activedirectory bloodhound Neo4j Python blueteam redteam purpleteam Cybersecurity

Python

469

1 年前

PaperMtn / slack-watchman

Slack enumeration and exposed secrets detection tool

blueteam blue-team Cybersecurity Slack 工具 redteam red-team purpleteam purple-team slack-api 监控

Python

387

1 个月前

DefensiveOrigins / AtomicPurpleTeam

Atomic Purple Team Framework and Lifecycle

purpleteam hunting attack attack-defense attack-detection lifecycle famework

299

5 年前

cr0nx / awesome-linux-attack-forensics-purplelabs

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

attack-defense blueteam detection dfir injection Linux purpleteam redteam rootkit

295

3 年前

Ziconius / FudgeC2

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

PowerShell 安全 command-and-control c2 Python redteam readteaming purpleteam implant Cybersecurity offensive-security post-exploitation

Python

256

2 年前

AnLoMinus / Diablo

Diablo ~ Hacking / Pentesting & Reporting

diablo Hacking pentesting reporting scanning blueteam purpleteam redteam reporter portscan portscanner

Shell

235

2 年前

Viralmaniar / Remote-Desktop-Caching-

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

blueteam redteam Hacking internal-pentest penetration-testing redteaming forensics forensics-investigations forensic-analysis infrastructure-monitoring blue-team hacking-tools purpleteam

Python

217

7 年前

PaperMtn / gitlab-watchman

Finding exposed secrets and personal data in GitLab

blueteam blue-team Cybersecurity GitLab 工具 redteam red-team purpleteam purple-team gitlab-api 监控 dlp data-loss-prevention

Python

199

9 个月前