PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
-
Updated
May 1, 2025 - PowerShell
#
blue-team
Here are 18 public repositories matching this topic...
Collection of PowerShell functinos and scripts a Blue Teamer might use
powershell cve defense dns-over-https doh blueteam blue-team cve-search blue-teams powershell-blue-team
-
Updated
Oct 4, 2023 - PowerShell
🧰 Various PowerShell scripts for security, sysadmins, blue and red teams👫🏼
-
Updated
Aug 8, 2025 - PowerShell
Example of Kerberoasting Honeypot
-
Updated
Jan 6, 2023 - PowerShell
An arms cache for security consultants, red teams and penetration testers. Sometimes for defenders too.
-
Updated
Jul 31, 2023 - PowerShell
Capture all events across all logs produced during the running of a particular exploit/script. Search and filter events
-
Updated
Sep 5, 2021 - PowerShell
Automation and security testing playground
-
Updated
Nov 2, 2023 - PowerShell
Hayabusa to the SIEM made easy
-
Updated
May 25, 2025 - PowerShell
Analyzing PowerShell execution on Windows systems.
-
Updated
Apr 12, 2025 - PowerShell
CyberThreat Monitor (SIEM Lab) with Microsoft Azure is a comprehensive threat monitoring solution built on Azure Sentinel, providing real-time visibility into global cyber threats.
powershell honeypot cybersecurity siem threat-analysis threat-intelligence microsoft-azure blue-team kql
-
Updated
Oct 5, 2023 - PowerShell
Yet-Another-BlueTeam-Repo-YABTR. A Repo for a collection of FREE Blue team tools for both windows and Linux.. Not vendor buy to defend products.
-
Updated
Jun 30, 2019 - PowerShell
Generates a threat feed IP list from a user-furnished ASN list.
-
Updated
Jul 4, 2023 - PowerShell
Flexible PowerShell-based file integrity monitor with Syslog and Email functionality
windows monitoring powershell syslog cybersecurity blue-team file-integrity-monitoring alerting-tools
-
Updated
Aug 28, 2023 - PowerShell
This repository implements a check on System32 executable files to detect backdoor by renamed file
-
Updated
Feb 2, 2025 - PowerShell
Argus-AD is a comprehensive Active Directory security assessment tool designed for SYSADMINs and IT Admins to identify misconfigurations, privilege escalation paths, lateral movement opportunities, and hybrid identity issues in their Active Directory environments.
security auditing active-directory cybersecurity infosec pentesting recon hybrid argus privilege-escalation red-team active-directory-integration blue-team sysadmin-tool misconfiguration active-directory-exploitation active-directory-security argus-ad
-
Updated
Apr 2, 2025 - PowerShell
Powershell script to detect after-hours logons from Windows Event Logs
-
Updated
Jun 3, 2025 - PowerShell
A Script to use with a scheduled task to keep launching Insight VM scans.
security task powershell cybersecurity task-scheduler powershell-script scheduled blue-team rapid7 insightvm blue-team-tool rapid7-api rapid7-insightvm insightvm-api powershelluniv
-
Updated
Sep 20, 2024 - PowerShell
🛡️ PowerShell threat hunting tool for scanning processes, services, autoruns, and TCP connections
-
Updated
Aug 6, 2025 - PowerShell
Improve this page
Add a description, image, and links to the blue-team topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the blue-team topic, visit your repo's landing page and select "manage topics."