Blue Team
Tools for passive or active defence. Includes honeypot systems, event-log analysis and monitoring tools.
Ansible Role Log4Shell Detector
AntiVMDetection
Tool to harden VMs against environment detection
Artillery
Combined honeypot, monitoring tool, and alerting system
BoomBox
Auto-Install script for Cuckoo Malware analysis sandbox
Canarytokens
Canarytokens helps track activity and actions on your network.
chkrootkit
Linux rootkit finder
CobaltStrikeScan
Scan files or process memory for Cobalt Strike beacons and parse their configuration
Endlessh
SSH Tarpit
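The technique behind an SSH tarpit, as an added example that is not Endlessh's code: RFC 4253 section 4.2 lets a server send arbitrary CRLF-terminated lines before its `SSH-2.0-...` identification string, provided none begins with `SSH-`, and clients must tolerate them. A tarpit never sends the identification string at all; it trickles junk lines, one every few seconds, so a scanner or brute-forcer sits in its connect phase for as long as it is willing to wait. The port, delay and line length below are assumptions for the demo.

```python
"""Minimal SSH tarpit in the spirit of Endlessh (added example, not Endlessh's code).

A client that connects expects "SSH-2.0-..." but may first receive any number
of other CRLF-terminated lines (RFC 4253, 4.2). We send only those, slowly,
and never the banner. Port, delay and line length are assumed values.
"""
import random
import socket
import threading
import time

LISTEN_PORT = 2222   # assumed; in practice the tarpit takes 22 and real sshd moves elsewhere
LINE_DELAY = 10.0    # seconds between junk lines (assumed pacing)
MAX_LINE = 32        # junk characters per line, far below the 255-byte banner-line limit


def junk_line(rng=random):
    """One pre-banner line: printable ASCII, CRLF-terminated, never starting 'SSH-'."""
    length = rng.randint(3, MAX_LINE)
    body = "".join(chr(rng.randint(0x20, 0x7E)) for _ in range(length))
    if body.startswith("SSH-"):      # would be taken as the real banner
        body = "x" + body[1:]
    return body + "\r\n"


def is_valid_prebanner(line):
    """The constraints a client relies on while it waits for the real banner."""
    body = line[:-2]
    return (
        line.endswith("\r\n")
        and not body.startswith("SSH-")
        and "\r" not in body and "\n" not in body
        and len(line.encode("utf-8")) < 255
    )


def tarpit(conn, delay=LINE_DELAY, max_lines=None, rng=random):
    """Feed junk to one client until it disconnects; returns the number of lines sent."""
    sent = 0
    try:
        while max_lines is None or sent < max_lines:
            conn.sendall(junk_line(rng).encode("utf-8"))
            sent += 1
            time.sleep(delay)
    except OSError:
        pass    # peer gave up; that is the tarpit's normal exit
    finally:
        conn.close()
    return sent


def serve(port=LISTEN_PORT, delay=LINE_DELAY):
    """Accept loop: one daemon thread per trapped client."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind(("0.0.0.0", port))
        srv.listen()
        while True:
            conn, _peer = srv.accept()
            threading.Thread(target=tarpit, args=(conn, delay), daemon=True).start()


def demo_roundtrip(max_lines=3, seed=1):
    """Offline check over a socketpair: what a trapped client would receive."""
    server_end, client_end = socket.socketpair()
    sent = tarpit(server_end, delay=0, max_lines=max_lines, rng=random.Random(seed))
    chunks = []
    while True:                      # read until the tarpit closes its end
        chunk = client_end.recv(4096)
        if not chunk:
            break
        chunks.append(chunk)
    client_end.close()
    received = b"".join(chunks).decode("utf-8").split("\r\n")[:-1]
    return sent, [line + "\r\n" for line in received]


if __name__ == "__main__":
    serve()
```

Run it and point `ssh -p 2222 localhost` at it: the client prints nothing and simply hangs, which is the point. Keep `LINE_DELAY` below the client's banner timeout (OpenSSH's default `LoginGraceTime` is on the server side; scanners typically use short read timeouts, so a few seconds per line holds more of them).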
Email Header Analyser
Parses email headers into human readable format
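What a header analyser actually extracts, as an added example that is not the Email Header Analyser's own code: the `Received` chain in delivery order, the delay at each hop, and a few sanity checks (envelope sender versus `From`, SPF result, reverse DNS on the first hop). The message is constructed for the demo and the flag heuristics are assumptions, not the tool's.

```python
"""Header-chain analysis of the kind an email header analyser performs.
Added example; not the code of any tool listed on this page. The message
below is constructed for the demo, and the flag heuristics are assumptions."""
import email
import re
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample: envelope sender and From header disagree, SPF fails,
# and the earliest Received line was written by a submission relay.
SAMPLE = b"""Return-Path: <bounce@mail.example.net>
Received: from mx.example.org (mx.example.org [192.0.2.10])
        by inbox.example.com with ESMTPS id abc123;
        Mon, 1 Jan 2024 10:00:30 +0000
Received: from relay.example.net (relay.example.net [198.51.100.5])
        by mx.example.org with ESMTP id def456;
        Mon, 1 Jan 2024 10:00:05 +0000
Received: from [10.0.0.7] (unknown [203.0.113.9])
        by relay.example.net with ESMTPSA id ghi789;
        Mon, 1 Jan 2024 09:59:50 +0000
Authentication-Results: inbox.example.com; spf=fail smtp.mailfrom=mail.example.net; dkim=none
From: "Help Desk" <helpdesk@example.com>
To: user@example.com
Subject: Password reset required
Date: Mon, 1 Jan 2024 09:59:45 +0000
Message-ID: <20240101095945.1@relay.example.net>

Click here to keep your account.
"""

RECEIVED_RE = re.compile(r"from\s+(?P<from>\S+).*?\bby\s+(?P<by>\S+)", re.S)


def parse_received(value):
    """Split one Received header into its from/by hosts and timestamp."""
    hosts, _, stamp = value.rpartition(";")      # the date follows the last ';'
    m = RECEIVED_RE.search(hosts)
    return {
        "from": m.group("from") if m else None,
        "by": m.group("by") if m else None,
        "time": parsedate_to_datetime(stamp.strip()) if stamp.strip() else None,
        "raw": " ".join(value.split()),
    }


def domain_of(header_value):
    """Domain part of the first address in a header, lower-cased."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def analyse(raw):
    msg = email.message_from_bytes(raw)
    # Each MTA prepends its own Received line, so the top one is the final
    # hop; reverse to read the path in delivery order.
    hops = [parse_received(v) for v in reversed(msg.get_all("Received", []))]
    delays = [
        (b["time"] - a["time"]).total_seconds()
        for a, b in zip(hops, hops[1:])
        if a["time"] and b["time"]
    ]
    flags = []
    rp, frm = domain_of(msg["Return-Path"]), domain_of(msg["From"])
    if rp and frm and rp != frm:
        flags.append(f"Return-Path domain {rp} differs from From domain {frm}")
    auth = " ".join(msg.get_all("Authentication-Results", []))
    if re.search(r"\bspf=fail\b", auth):
        flags.append("SPF failed for the envelope sender")
    if hops and "(unknown" in hops[0]["raw"]:
        flags.append("originating hop has no reverse DNS")
    return {"hops": hops, "delays_seconds": delays, "flags": flags}


def report(result):
    """Human-readable summary, one line per hop, delay and flag."""
    lines = []
    for i, h in enumerate(result["hops"]):
        when = h["time"].isoformat() if h["time"] else "?"
        lines.append(f"hop {i + 1}: {h['from']} -> {h['by']} at {when}")
    lines += [f"delay: {d:.0f}s" for d in result["delays_seconds"]]
    lines += [f"flag: {f}" for f in result["flags"]]
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(analyse(SAMPLE)))
```

Only the hop written by your own MTA (the top `Received` line) is trustworthy; everything below it was supplied by the sender's side and can be forged, which is why the flags lean on `Authentication-Results` added by your own receiver rather than on the chain alone.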
EVTX-to-MITRE-Attack
EVTX to MITRE ATT&CK is a SIEM-oriented project. It provides more than 270 Windows indicators of compromise (IOCs), classified by ATT&CK tactic and technique, to cover different detection scenarios in your SIEM.
HoneyUp
An uploader honeypot designed to look like poor website security.
Infection Monkey
The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection
Kushtaka
All-In-One honeypot solution for under-resourced blue teams
Labrea
ARP tarpit
Logout4Shell
LogonTracer
Tool to investigate malicious logons by visualising and analysing Active Directory event logs
Loki
Scanner for Simple Indicators of Compromise
Manuka
Manuka is an Open-source intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers.
Maltrail
Malicious traffic detection system
Pafish
Demonstrates the techniques malware uses to detect sandboxes and virtual machines; useful for testing how well a Cuckoo sandbox is hardened
ssh-audit
Tool to audit ssh server and client configs
VMCloak
Tool to harden against VM detection - Designed for use with Cuckoo