Field reference for BTL1 and Tier 1 SOC work — grep-ready cheatsheets, SPL queries, Volatility workflows, live response commands
Updated Mar 16, 2026 - HTML
EyeSpy is a PowerShell tool for finding IP Cameras and spraying credentials at the underlying RTSP streams if present.
Algorithm identification tool on hashes
Enter Morpheus, your advanced IOC detection tool. Powered by expert YARA rules and integrated with VirusTotal, it scans and identifies Indicators of Compromise with unmatched precision across diverse formats, redefining cybersecurity defense.
A Content Discovery and Development Platform. Empowering Cybersecurity, AI, Marketing, and Finance professionals and researchers to discover, analyze, and interact with the web in all its dimensions.
Hackers Cookbook - Tons of hacker cli recipes ready to search and use when you need them
A curation of tools presented at DEF CON conference each year, the world's largest hacker con.
A lightweight file monitor written in Go. It watches a specified folder on the host for changes and blocks delete, modify and create operations. Usable for AWD competitions or host incident response.
IOC triage at terminal speed — pip install iocx
BasicEventViewer4 (BEV v4.0): this code will be useful for all Blue/Purple Teams, providing real-time monitoring of Sysmon events and MITRE ATT&CK detections via YAML files.
ICS Incident Response Automation Framework: a Python framework for executing automated incident response playbooks in ICS/SCADA environments. Supports network isolation, forensic preservation, logic restoration, and safety system interventions. Designed for defenders, researchers, and red team simulations in operational technology networks.
A runtime Assembly dumper for PowerShell to combat the rise in .NET-based crypters and malware.
Powerful Kernel Windows Platform for Malware Analysis, Forensics & Threat Hunting
Verified Entity Identity Lock (Expose hidden trust paths in your AWS IAM setup before they become security risks.)
This Black Python script is not a game! It is a powerful tool to monitor the traffic between clients and malicious .onion sites. We use a code like this to capture bad actors
Automated IP blacklist aggregator from 23 threat intelligence sources - updated hourly via GitHub Actions
ProcessMarauder is an advanced Python library for injecting DLLs into running processes.
Plutus is a tool made for monitoring your server's processes and identifying strange processes!
KPots is a simple honeypot system to capture and log traffic to specified ports. Requires Netcat for monitoring and IPTables for banning. Requires dig for filtering out your own IP address. (Note: I will be adding alternatives in a later release, but for now, just install dig.)
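The KPots description above names the three moving parts of a port honeypot: a Netcat listener, an iptables ban, and a dig lookup so you never ban your own public address. The script below is an added example of that design and is not KPots' own code. It assumes ncat from the nmap package (which exports NCAT_REMOTE_ADDR and NCAT_LOCAL_PORT to the per-connection handler), the OpenDNS "myip" resolver for the dig lookup, and a default dry-run mode that prints the iptables command instead of running it; the log path and allowlist variables are this example's own names.

```shell
#!/usr/bin/env bash
# Single-port honeypot in the style the KPots description outlines:
# ncat listens, every connection is logged, and the peer is banned with
# iptables unless it is our own public IP (looked up once with dig) or on
# an allowlist. Added example, not KPots' code. Assumptions: ncat is
# installed and sets NCAT_REMOTE_ADDR / NCAT_LOCAL_PORT for --sh-exec
# handlers; resolver1.opendns.com answers the myip.opendns.com query.
set -u

HP_LOG="${HP_LOG:-/tmp/honeypot-demo.log}"   # hypothetical log path
DRY_RUN="${DRY_RUN:-1}"                       # 1: print iptables commands only

# Public IP of this host via dig, the reason the description requires dig.
own_ip() {
  dig +short myip.opendns.com @resolver1.opendns.com 2>/dev/null | head -n1
}

# Decide whether a peer gets banned: returns 0 (ban) or 1 (skip).
# Skips our own IP and any entry in a comma-separated allowlist.
should_ban() {
  local peer="$1" self="$2" allow="${3:-127.0.0.1}"
  [ -n "$self" ] && [ "$peer" = "$self" ] && return 1
  case ",$allow," in *",$peer,"*) return 1 ;; esac
  return 0
}

# Append one line per connection: UTC timestamp, peer, port touched.
log_hit() {
  local peer="$1" port="$2"
  printf '%s %s -> port %s\n' "$(date -u +%FT%TZ)" "$peer" "$port" >> "$HP_LOG"
}

# Insert a DROP rule for the peer; -C makes it idempotent across repeat hits.
ban() {
  local peer="$1"
  local rule="INPUT -s $peer -j DROP"
  if [ "$DRY_RUN" = "1" ]; then
    echo "iptables -I $rule"
    return 0
  fi
  iptables -C $rule 2>/dev/null || iptables -I $rule
}

# Runs once per accepted connection; ncat exports the peer address.
handle_connection() {
  local peer="${NCAT_REMOTE_ADDR:?}" port="${NCAT_LOCAL_PORT:-?}"
  log_hit "$peer" "$port"
  if should_ban "$peer" "${SELF_IP:-}" "${ALLOWLIST:-127.0.0.1}"; then
    ban "$peer"
  fi
}

# Listener: ncat keeps the port open and re-invokes this script per peer.
start_honeypot() {
  local port="$1"
  SELF_IP="$(own_ip)"; export SELF_IP
  ncat -k -l "$port" --sh-exec "$0 handle"
}

case "${1:-}" in
  handle) handle_connection ;;
  listen) start_honeypot "${2:-2222}" ;;
esac
```

Run it as root with `chmod +x honeypot.sh && DRY_RUN=0 ./honeypot.sh listen 2222`; touching the port with `nc <host> 2222` from another machine writes a log line and inserts the DROP rule. Keep the allowlist populated with your scanners and jump hosts before disabling dry-run, since the first thing a mis-scoped honeypot bans is your own vulnerability scanner.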
Welcome to the Tools and Scanners repository! This collection features cybersecurity tools for red and blue team activities, including custom-made tools and scanners to enhance your security posture.