Browse 116 blue team tools
A super-simple, modern framework for organizing and automating cybersecurity tasks.
An open-source platform that builds instrumented environments, simulates attacks, and integrates with Splunk for detection rule development and testing.
A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.
Caldera is a cybersecurity framework by MITRE for automated security assessments and adversary emulation.
BlueTeam.Lab provides Terraform and Ansible scripts to deploy an orchestrated detection laboratory for testing attacks and forensic artifacts in a SOC-like Windows environment.
A pocket reference guide providing various options for navigating and pivoting through different environments and situations.
A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection.
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600 tools and utilities for red and blue team operations.
Utilize Jupyter Notebooks to enhance threat hunting capabilities by focusing on different threat categories or stages.
Blue-team capture the flag competition for improving cybersecurity skills.
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
Cross-platform HTTP honeypot that traps bots by answering requests with a response body that never ends.
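The tarpit idea behind the honeypot listed above, as an added example rather than that tool's own code: every request gets a chunked HTTP response whose body is generated forever, so a scraping bot that waits for the body to finish ties up its own resources instead of ours. The port, chunk size, send delay and client cap are hypothetical choices; the cap matters because a tarpit that accepts unlimited connections can be turned into a file-descriptor exhaustion problem for the defender.

```python
"""Minimal asyncio HTTP tarpit (constructed example, not the listed tool).

Assumed parameters: listen on 0.0.0.0:8080, 64-byte chunks, one chunk per
second, at most 256 simultaneous victims. All are hypothetical.
"""
import asyncio
import os

CHUNK_SIZE = 64      # bytes of junk per chunk (hypothetical)
SEND_DELAY = 1.0     # seconds between chunks; slow enough to hold the client open cheaply
MAX_CLIENTS = 256    # cap on simultaneous victims so the tarpit cannot exhaust our own FDs


def response_head() -> bytes:
    # No Content-Length: chunked transfer encoding is what lets the body go on forever.
    return (b"HTTP/1.1 200 OK\r\n"
            b"Content-Type: text/html\r\n"
            b"Transfer-Encoding: chunked\r\n"
            b"Connection: keep-alive\r\n\r\n")


def encode_chunk(payload: bytes) -> bytes:
    # One HTTP/1.1 chunk: hex length, CRLF, data, CRLF (an empty payload is the terminator,
    # which the tarpit deliberately never sends).
    return f"{len(payload):x}\r\n".encode() + payload + b"\r\n"


def junk_chunks(size: int = CHUNK_SIZE):
    # Infinite generator of chunks. os.urandom keeps the stream incompressible, so a client
    # that negotiated a content encoding could not shrink it.
    while True:
        yield encode_chunk(os.urandom(size))


async def handle(reader, writer, delay=SEND_DELAY):
    try:
        # Read and discard the request head; what was asked for does not matter.
        await asyncio.wait_for(reader.readuntil(b"\r\n\r\n"), timeout=5)
        writer.write(response_head())
        for chunk in junk_chunks():
            writer.write(chunk)
            await writer.drain()          # back-pressure: stop when the client stops reading
            await asyncio.sleep(delay)
    except (asyncio.IncompleteReadError, asyncio.LimitOverrunError,
            asyncio.TimeoutError, ConnectionError):
        pass
    finally:
        writer.close()


async def main(host="0.0.0.0", port=8080):
    sem = asyncio.Semaphore(MAX_CLIENTS)

    async def guarded(reader, writer):
        if sem.locked():                  # at capacity: drop the connection rather than queue it
            writer.close()
            return
        async with sem:
            await handle(reader, writer)

    server = await asyncio.start_server(guarded, host, port)
    async with server:
        await server.serve_forever()


if __name__ == "__main__":
    asyncio.run(main())
```

Point it at an unused port and fetch it with curl to watch the body trickle in indefinitely; the drain call is the other half of the design, since it stops the server from buffering data for a client that has gone away.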
CrackMapExec (CME) - A post-exploitation tool for assessing Windows and Active Directory networks over SMB, WinRM, LDAP and other protocols; its built-in database (cmedb) stores the hosts and credentials discovered during an engagement so they can be queried later.
RedELK is a SIEM built for red teams: it centralizes C2 and redirector logs from red team infrastructure and alerts operators when blue team investigation activity, such as analysts or sandboxes touching that infrastructure, is observed during an engagement.
GHH (Google Hack Honeypot) is a honeypot that exposes pages matching common search-engine "dork" queries, so that attackers who locate targets through Google are logged instead of finding a real vulnerable application.
A multi-cloud asset enumeration tool that helps blue teams centralize and inventory assets across multiple cloud providers with minimal configuration.
PlumHound is a reporting engine that runs Cypher queries against BloodHoundAD's Neo4j database and turns the results into operational security reports on Active Directory weaknesses and attack paths.
A planning framework document that guides red team exercise preparation with focus on blue team development and constructive learning outcomes.
A condensed field guide for cyber security incident responders, covering incident response processes, attacker tactics, and practical techniques for handling incidents.
A guide to bypassing RFID card reader security mechanisms using specialized hardware.