Make a system look as if it was hit by an APT.
AutomateExploitEndpoints
cyberstars / purpose / blue-team
Tools for blue team
Defensive monitoring, detection and response.
95 tools indexed
Navigate and annotate MITRE ATT&CK.
AnalyzeAutomateEndpointsNetworks
Safely simulate malicious network traffic.
AutomateMonitorNetworks
File triage and malware analysis pipeline.
AnalyzeAutomateBinariesEndpoints
Small, portable ATT&CK detection tests.
AutomateExploitEndpointsNetworks
Cloud forensics for Azure / O365.
AnalyzeMonitorCloud
Web-based SSH bastion and key manager.
HardenMonitorNetworksEndpoints
Active Directory attack-path graphing.
AnalyzeReconActive DirectoryCloud
Cloud-native open-source WAF.
MonitorHardenWeb appsCloud
Malware sandbox + payload extraction.
AnalyzeBinaries
CISA's DFIR tool.
AnalyzeScanEndpoints
Tripwire tokens for free.
MonitorEndpointsNetworks
Hunt across Windows event logs at speed.
AnalyzeMonitorEndpoints
Visualize AWS environments.
AnalyzeReconCloud
Observable analysis engine for TheHive.
AnalyzeAutomateNetworksEndpoints
Medium-interaction SSH/Telnet honeypot.
MonitorAutomateNetworksEndpoints
Hunt PowerShell attacks in Windows logs.
AnalyzeMonitorEndpointsActive Directory
Automated detection lab environment.
AutomateMonitorEndpointsActive Directory
Forensic artifact framework from Fox-IT.
AnalyzeEndpointsBinaries
Network forensic analysis framework.
AnalyzeNetworks
SSH tarpit that wastes attacker time.
MonitorNetworksEndpoints
FAME
—Malware analysis automation.
AnalyzeAutomateBinaries
FIR
—Fast Incident Response platform.
AutomateMonitorEndpointsNetworks
Ban hosts that fail auth too often.
MonitorHardenEndpointsNetworks