Skip to content

ryanmrestivo/blue-team

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

76 Commits
Autoruns
Autoruns
 
 
BlueRabbit
BlueRabbit
 
 
Bluechecker
Bluechecker
 
 
CHIRP
CHIRP
 
 
CyberChef
CyberChef
 
 
FullEventLogView
FullEventLogView
 
 
Linux Security and Monitoring Scripts
Linux Security and Monitoring Scripts
 
 
PSEnum - PrivescCheck
PSEnum - PrivescCheck
 
 
PersistenceSniper
PersistenceSniper
 
 
SEC505 Scripts
SEC505 Scripts
 
 
Threat Intelligence-&-OSINT
Threat Intelligence-&-OSINT
 
 
Trawler
Trawler
 
 
_OS_Analysis
_OS_Analysis
 
 
_cloud
_cloud
 
 
_file-analysis
_file-analysis
 
 
attack-surface-analyzer
attack-surface-analyzer
 
 
ir-rescue
ir-rescue
 
 
sigma
sigma
 
 
threat-hunting
threat-hunting
 
 
triage-ir-v1
triage-ir-v1
 
 
.gitattributes
.gitattributes
 
 
README.md
README.md
 
 
egress_filtering_check.ps1
egress_filtering_check.ps1
 
 
processes&ports.bat
processes&ports.bat
 
 
shieldsup.ps1
shieldsup.ps1
 
 
wifi.bat
wifi.bat
 
 

Repository files navigation

Tools of the Trade

If you have any issues with a tool here, or have questions about usage, or really anything, please reach out and I will be glad to help.

The tools here are broad in function but have many uses in the Triage/Threat Hunting/Incident Response fields. Be careful and do your own research with PEs you find on the internet!

Tools like Seatbelt can be compiled directly from their source code, while triage-ir-v1 cannot. I have determined that these tools are safe, but again, do your own research!

About

Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs with caution.

Resources

Readme
Activity

Stars

39 stars

Watchers

7 watching

Forks

10 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages