Welcome

This repository contains a set of scripts designed to enhance the security of Linux systems. These scripts are designed for blue teams during security competitions or for anyone looking to implement stringent security measures on their Linux systems. They are designed for my personal needs and may not meet your own. 

https://github.com/fulco/BlueLinuxBastion

A PowerShell script for rapid initial incident response data collection on a potentially breached Windows system.

This PowerShell script is designed to perform rapid initial data collection on a potentially breached Windows system. It focuses on security, efficiency, and speed to gather crucial information during the early stages of an incident response process.

https://github.com/fulco/BlueWindowsTriage

Many different GPTs available for a wide array of tasks.

https://chat.openai.com/

Your friendly assistant. Fast, capable, and truly conversational. 

https://claude.ai/

Generates images based on prompts.

https://ideogram.ai/

Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community. 

https://virustotal.com/

This is a free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology 

https://www.hybrid-analysis.com/

YARA is a multi-platform program running on Windows, Linux and Mac OS X. 

https://virustotal.github.io/yara/

IDA Pro as a disassembler is capable of creating maps of their execution to show the binary instructions that are actually executed by the processor in a symbolic representation. 

https://hex-rays.com/ida-pro/

Zero Miss for Office Malware Threats 

https://www.docguard.io/

 Immunity Debugger is a dynamic analysis tool that allows executables to be analyzed at the assembly language level with reverse engineering techniques. 

https://www.immunityinc.com/products/debugger/

Hands-on SOC Analyst training 

https://letsdefend.io/

The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud and local environments, simulates attacks, and forwards the data into a Splunk instance. 

https://github.com/splunk/attack_range

The goal of this project is to provide the red and blue teams with the ability to deploy an ad-hoc detection lab to test various attacks and forensic artifacts on the latest Windows environment and then to get a 'SOC-like' view into generated data. 

https://github.com/op7ic/BlueTeam.Lab

It will list MX records for a domain in priority order. 

https://mxtoolbox.com/

Great tool for monitoring the system and detecting suspicious situations. It’s also free. 

https://processhacker.sourceforge.io/

Procmon tool is a useful tool that provides real-time information by monitoring the activities of processes on Windows. 

https://learn.microsoft.com/tr-tr/sysinternals/downloads/procmon

Volatility is a tool that enables the analysis of memory dumps taken from a compromised machine during the incident response process. 

https://www.volatilityfoundation.org/

Wireshark is a tool that allows capturing, analyzing, and recording network packets passing through network interfaces on the system. 

https://www.wireshark.org/

It gives you the history of different browsers in one table.

https://www.nirsoft.net/utils/browsing_history_view.html