GitHub topics: purpleteam | Ecosyste.ms: Repos

demogrito/DocEx

APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files

Language: C++ - Size: 15.6 KB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 1 - Forks: 0

ssnkhan/adversarial-threat-modelling

Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop

Language: Jupyter Notebook - Size: 59.1 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 68 - Forks: 10

api0cradle/UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

Language: PowerShell - Size: 679 KB - Last synced at: 1 day ago - Pushed at: over 1 year ago - Stars: 1,978 - Forks: 363

PlumHound/PlumHound

Bloodhound Reporting for Blue and Purple Teams

Language: Python - Size: 5.99 MB - Last synced at: 2 days ago - Pushed at: 3 months ago - Stars: 1,190 - Forks: 116

idnahacks/GoodHound

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

Language: Python - Size: 4.05 MB - Last synced at: about 2 hours ago - Pushed at: 10 months ago - Stars: 464 - Forks: 41

PurpleShivaTeam/purpleshivatools

Purple Shiva Tools: cybersecurity toolkit designed to help beginners ramp up quickly. Rich documentation, usage examples, and tutorials — easy to extend.

Size: 963 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 2 - Forks: 2

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Language: Python - Size: 1.63 MB - Last synced at: 2 days ago - Pushed at: 6 months ago - Stars: 1,335 - Forks: 242

freakick22/SpyAI

Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's using GPT-4 Vision to analyze them and construct daily activity — frame by frame

Language: C++ - Size: 19.7 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 29 - Forks: 10

cyb3rxp/awesome-soc

A collection of sources of documentation, as well as field best practices, to build/run a SOC

Size: 20.5 MB - Last synced at: 5 days ago - Pushed at: 16 days ago - Stars: 1,388 - Forks: 226

iknowjason/PurpleCloud

A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4

Language: Python - Size: 42.9 MB - Last synced at: 1 day ago - Pushed at: about 2 months ago - Stars: 572 - Forks: 97

RootUp/SmuggleShield

Protection against HTML smuggling attacks.

Language: JavaScript - Size: 663 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 97 - Forks: 10

PaperMtn/gitlab-watchman

Finding exposed secrets and personal data in GitLab

Language: Python - Size: 296 KB - Last synced at: about 13 hours ago - Pushed at: 6 months ago - Stars: 198 - Forks: 25

FalconForceTeam/FalconFriday

Hunting queries and detections

Size: 300 KB - Last synced at: 5 days ago - Pushed at: 4 months ago - Stars: 796 - Forks: 96

joseguzman1337/offensive-security

PurpleTeam

Language: Python - Size: 583 MB - Last synced at: 7 days ago - Pushed at: 8 days ago - Stars: 4 - Forks: 2

AnLoMinus/Diablo

Diablo ~ Hacking / Pentesting & Reporting

Language: Shell - Size: 71.3 KB - Last synced at: 5 days ago - Pushed at: about 2 years ago - Stars: 218 - Forks: 32

Add3r/Proxy_Bypass

Command-line tool to identify useragents that bypasses proxy restrictions

Language: Python - Size: 3.22 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 10 - Forks: 2

cr0nx/awesome-linux-attack-forensics-purplelabs

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

Size: 95.7 KB - Last synced at: 11 days ago - Pushed at: about 2 years ago - Stars: 284 - Forks: 38

api0cradle/LOLBAS 📦

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Language: XSLT - Size: 968 KB - Last synced at: 10 days ago - Pushed at: over 6 years ago - Stars: 1,606 - Forks: 350

PaperMtn/slack-watchman

Slack enumeration and exposed secrets detection tool

Language: Python - Size: 2.4 MB - Last synced at: 8 days ago - Pushed at: 5 months ago - Stars: 377 - Forks: 43

mthcht/Purpleteam

Purpleteam scripts simulation & Detection - trigger events for SOC detections

Language: PowerShell - Size: 39.5 MB - Last synced at: 11 days ago - Pushed at: 5 months ago - Stars: 185 - Forks: 19

iknowjason/BlueCloud

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

Language: HTML - Size: 30.6 MB - Last synced at: 5 days ago - Pushed at: over 2 years ago - Stars: 134 - Forks: 28

LOLBAS-Project/LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Language: XSLT - Size: 2.01 MB - Last synced at: 20 days ago - Pushed at: 20 days ago - Stars: 7,493 - Forks: 1,034

Viralmaniar/Remote-Desktop-Caching-

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Language: Python - Size: 20.5 KB - Last synced at: 22 days ago - Pushed at: almost 7 years ago - Stars: 215 - Forks: 57

CroodSolutions/AutoPwnKey

AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. It is our hope that this tool will be useful to red teams over the short term, while over the long term help AV/EDR vendors improve how they handle AHK scripts.

Language: AutoHotkey - Size: 1.28 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 25 - Forks: 5

franckferman/SecSheets

🛡️ The Ultimate Cybersecurity Cheat Sheets Hub — Pentest, Red Team, Blue Team, Purple Team, GRC — Tools, Methodologies, Frameworks & Compliance. Practical, Uncompromising.

Size: 12.7 KB - Last synced at: about 1 month ago - Pushed at: about 2 months ago - Stars: 2 - Forks: 0

DarkSpaceSecurity/DocEx

APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files

Language: C++ - Size: 21.5 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 1

DarkSpaceSecurity/RunAs-Stealer

RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging

Language: C++ - Size: 29.3 KB - Last synced at: about 2 months ago - Pushed at: 2 months ago - Stars: 169 - Forks: 30

DarkSpaceSecurity/SpyAI

Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's using GPT-4 Vision to analyze them and construct daily activity — frame by frame

Language: C++ - Size: 19.8 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 7 - Forks: 2

txuswashere/pentesting

CyberSec Resources: FRAMEWORKS & STANDARDS; Pentesting Audits & Hacking; PURPLE TEAMING, AD, API, web, clouds, CTF, OSINT, Pentest tools, Network Security, Privilege escalation, Exploiting, Reversing, Secure Code, Bug Bounty, ...

Size: 36.4 MB - Last synced at: about 2 months ago - Pushed at: about 2 years ago - Stars: 26 - Forks: 3

MrM8BRH/CRLJ

The repository is a valuable resource for individuals looking to enhance their knowledge and skills in cybersecurity. It provides in-depth materials and guides for various cybersecurity domains.

Size: 282 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 90 - Forks: 13

audibleblink/kh

Keyhack - Golang API token/webhook validator

Language: Go - Size: 32.2 KB - Last synced at: about 1 month ago - Pushed at: about 2 months ago - Stars: 16 - Forks: 0

CroodSolutions/BypassIT

BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.

Language: AutoIt - Size: 1.09 MB - Last synced at: 6 days ago - Pushed at: 4 months ago - Stars: 35 - Forks: 11

TH3xACE/EDR-Test

Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].

Size: 1.42 MB - Last synced at: 2 months ago - Pushed at: about 2 years ago - Stars: 149 - Forks: 19

CroodSolutions/WWB-COM_Tools

This project is intended to organize useful scripts for testing WWB-COM basic scripts for purple teaming and self assessment.

Language: Visual Basic 6.0 - Size: 65.4 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 1 - Forks: 1

purpleteam-labs/purpleteam

CLI component of OWASP PurpleTeam

Language: JavaScript - Size: 2.25 MB - Last synced at: 22 days ago - Pushed at: over 1 year ago - Stars: 128 - Forks: 15

Ziconius/FudgeC2

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Language: Python - Size: 904 KB - Last synced at: about 2 months ago - Pushed at: about 2 years ago - Stars: 251 - Forks: 53

Viralmaniar/MurMurHash

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Language: Python - Size: 16.6 KB - Last synced at: 22 days ago - Pushed at: over 1 year ago - Stars: 117 - Forks: 18

BrAmaral/Purple-Team-Resources

A curated list of tools and resources that I use daily as a Purple-Team operator.

Language: Shell - Size: 173 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 35 - Forks: 3

SECURITY-BUFFOR/.tweaks

Language: CSS - Size: 47.9 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

ziesemer/ad-privileged-audit

Provides various Windows Server Active Directory (AD) security-focused reports.

Language: PowerShell - Size: 396 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 90 - Forks: 16

bluecapesecurity/PWF

Practical Windows Forensics Training

Language: PowerShell - Size: 2.56 MB - Last synced at: 6 months ago - Pushed at: about 1 year ago - Stars: 617 - Forks: 108

scythe-io/purple-team-exercise-framework

Purple Team Exercise Framework

Size: 9.91 MB - Last synced at: 6 months ago - Pushed at: over 1 year ago - Stars: 624 - Forks: 100

darmado/Atomic-Red-Team-C2

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

Language: Python - Size: 15.8 MB - Last synced at: 4 months ago - Pushed at: 8 months ago - Stars: 171 - Forks: 22

TheMuntu/Wazuh-Detection

This is a collection of various Wazuh detection rules for vulnerabilities, malware and adversary emulations.

Size: 38.1 KB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 5 - Forks: 1

LasCC/HackTools

The all-in-one browser extension for offensive security professionals 🛠

Language: TypeScript - Size: 38.7 MB - Last synced at: 7 months ago - Pushed at: 9 months ago - Stars: 5,804 - Forks: 646

PaperMtn/slack-watchman-enterprise-grid

Monitoring your Slack Enterprise Grid for sensitive information

Language: Python - Size: 118 KB - Last synced at: about 22 hours ago - Pushed at: about 2 years ago - Stars: 20 - Forks: 2

mattreduce/offensive-steampipe

Steampipe queries for red and purple teams https://steampipe.io/

Size: 1.95 KB - Last synced at: 2 days ago - Pushed at: about 4 years ago - Stars: 7 - Forks: 0

an4kein/osint-brazino-777

Dorks por Categoria: Explorando o Cenário Brasileiro

Size: 73.2 KB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 0 - Forks: 0

lefayjey/DNSExfil

DNS Exfiltration tool allowing sending multiple (encrypted) files simultaneously, resuming interrupted transfers.

Language: Python - Size: 58.6 KB - Last synced at: 2 days ago - Pushed at: 8 months ago - Stars: 1 - Forks: 1

PaperMtn/github-watchman

Monitoring GitHub for sensitive data shared publicly

Language: Python - Size: 37.1 KB - Last synced at: about 22 hours ago - Pushed at: over 3 years ago - Stars: 66 - Forks: 7

ch33r10/EnterprisePurpleTeaming

Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.

Size: 2.78 MB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 574 - Forks: 92

josh-morin/offensive-scripts

Scripts for red team / pen-testing / infra maintenance.

Language: Python - Size: 9.77 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 0 - Forks: 0

mikeprivette/NIST-to-Tech

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Size: 74.2 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 105 - Forks: 13

Add3r/UserAgent-Fuzz-lib

User-agent Fuzzing Library. This repository holds data of all the user agents in the `user_agents.json` file, which can be used directly with any tool that can parse json format.

Language: Python - Size: 3.45 MB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 16 - Forks: 2

chandraktrivedi/PurpleHawkS

All-In-One: Purple Teaming Exercises with Open-Source Tools

Size: 2.5 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

w8mej/PoorOperationalSecurityPractices

Deceptive tradecraft should be fun and light, not stern and stressful. It is cool to be cute.

Language: HTML - Size: 501 KB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 12 - Forks: 5

purpleteam-labs/purpleteam-iac-sut

Infrastructure as Code for SUTs

Language: HCL - Size: 158 KB - Last synced at: about 1 year ago - Pushed at: almost 3 years ago - Stars: 6 - Forks: 2

netsecurity-as/recon365

Gather information from an email address connected to Office 365

Language: Python - Size: 117 KB - Last synced at: about 1 year ago - Pushed at: about 2 years ago - Stars: 77 - Forks: 5

PaperMtn/stack-overflow-watchman

Monitoring Stack Overflow Enterprise for exposed secrets

Language: Python - Size: 43.9 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

Sam0x90/CTI

Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on

Language: PowerShell - Size: 2.57 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 75 - Forks: 5

AnLoMinus/PurpleTeam

PurpleTeam - Tools and more..

Size: 10.7 KB - Last synced at: about 2 months ago - Pushed at: almost 3 years ago - Stars: 1 - Forks: 0

raresteak/bloodhoundce-stuff

Personal Bloodhound Community Edition notes

Size: 133 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

Mehdi0x90/Red-Teaming

Red teaming can be defined as the process of testing your cybersecurity effectiveness through the removal of defender bias by applying an adversarial lens to your organization.

Size: 16.6 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

Offs3cOps/execcmd

A simple powershell script to execute one liner commands in windows

Language: PowerShell - Size: 7.81 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

tidalcyber/cyber-threat-profiling

A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense

Size: 10.7 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 28 - Forks: 4

mturhanlar/turme

This is a repository for Penetration Test, Purple Team Exercise and Red Team

Size: 2.64 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 15 - Forks: 1

DefensiveOrigins/APT-Lab-Terraform

Purple Teaming Attack & Hunt Lab - Terraform

Language: HCL - Size: 809 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 155 - Forks: 31

dotBATmanNO/PSGet-Domain-MailInfo

PowerShell script to get domain mail info and control status such as MX, SPF, DKIM, DMARC and StartTLS.

Language: PowerShell - Size: 50.8 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 12 - Forks: 2

jwillyamz/ezEmu

See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

Language: C# - Size: 12.7 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 103 - Forks: 10

DefensiveOrigins/AtomicPurpleTeam

Atomic Purple Team Framework and Lifecycle

Size: 2.78 MB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 258 - Forks: 32

thunder-katz/CWRU-cybersec-20-Red-vs-Blue

Documentation of the Red vs Blue project from the CWRU Cybersecurity course.

Size: 2.06 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

thunder-katz/CWRU-cybersec-Final-Project

Documentation of the Final Project from the CWRU Cybersecurity course.

Size: 31.2 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 2 - Forks: 0

Jerr279/Purple_Team_Python

A Collection Of Cyber security and Hacking Scripts for Both Red and Blue team to make life a bit easier

Language: Python - Size: 22.5 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 0

NextSecurity/PurpleSharpEnhanced Fork of mvelazc0/PurpleSharp

PurpleSharpEnhanced is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

Language: C# - Size: 282 KB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 1 - Forks: 2

jsutch/credsgrabber

A group of simple scripts in python and shell to zip up interesting credentials or other data and post them to a lightweight dns and http listeners. Shows POC and can be used to test SIEM triggers

Language: Python - Size: 10.7 KB - Last synced at: over 1 year ago - Pushed at: almost 3 years ago - Stars: 1 - Forks: 0

insecurecodes/athenaeum

IT Security library

Size: 24.4 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 4 - Forks: 2

masrikky/cybersecurity

Cyber Security Roadmap! - Open Source

Size: 2.93 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0

purpleteam-labs/purpleteam-tls-scanner

TLS scanning component of OWASP PurpleTeam

Language: JavaScript - Size: 961 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 9 - Forks: 6

PaperMtn/trello-watchman 📦

Monitoring your Trello boards for sensitive information

Language: Python - Size: 53.7 KB - Last synced at: 19 days ago - Pushed at: over 3 years ago - Stars: 3 - Forks: 1

ethanolivertroy/bsides-tampa-2023

Slides and Notes from Bsides Tampa 2023

Size: 62.7 MB - Last synced at: 6 days ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

anil-yelken/sigma-rules

sigma rules

Size: 29.3 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 9 - Forks: 7

blackbotsecurity/AWS-Attack

AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, Pacu.

Language: Python - Size: 263 KB - Last synced at: about 2 years ago - Pushed at: about 4 years ago - Stars: 38 - Forks: 10

jordanjoewatson/payloadkit

An offensive security framework for writing payloads

Language: Python - Size: 54.7 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 8 - Forks: 1

jstnk9/TIBER-Cases

TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to TIBER-EU processes.

Language: Python - Size: 11.1 MB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 17 - Forks: 4

iknowjason/Velociraptor_Azure 📦

A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.

Language: HCL - Size: 14.1 MB - Last synced at: about 2 years ago - Pushed at: about 4 years ago - Stars: 15 - Forks: 4

iknowjason/HELK_Azure 📦

A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small HELK R&D lab in Azure.

Language: HCL - Size: 332 KB - Last synced at: about 2 years ago - Pushed at: about 4 years ago - Stars: 2 - Forks: 1