Cybersecurity Blue Team

The "Awesome Cybersecurity Blue Team" project is a curated collection of resources dedicated to the practices and tools used by blue teams in cybersecurity. Blue teams are responsible for defending an organization’s information systems against cyber threats, identifying vulnerabilities, and implementing security measures. This list includes various categories such as incident response tools, threat intelligence platforms, security frameworks, training materials, and community resources. It serves as a valuable asset for cybersecurity professionals, from beginners to experienced practitioners, looking to enhance their defensive strategies and skills. Users can explore this collection to strengthen their understanding of cybersecurity defense mechanisms and improve their organization's security posture.

cybersecurityblue-teamincident-responsethreat-intelligencesecurity-toolsvulnerability-assessmentdefensive-strategies

RSS View on GitHub

5.2k stars779 forks0 contributorsUpdated

27 sections · 220 projects

Automation and Convention

8 projects

Ansible Lockdown

ansiblelockdown.io

Clevis

A pluggable framework for automated decryption of data and unlocking of LUKS volumes using pins like Tang, TPM2, and PKCS#11.

Shell1,20726 days ago

Dshell

An extensible Python framework for network forensic analysis through plugin-based dissection of packet captures.

Python5,4852 years ago

Dev-Sec.io

dev-sec.io

Password Manager Resources

A collaborative collection of data and code quirks to improve password manager compatibility with websites.

JavaScript4,7093 days ago

peepdf

eternal-todo.com

PyREBox

talosintelligence.com

Watchtower

containrrr.dev

Code libraries and bindings

4 projects

MultiScanner

A modular file scanning and analysis framework that automates running a suite of tools and aggregates their output.

Python6226 years ago

Posh-VirusTotal

A PowerShell module for interacting with VirusTotal's API to analyze suspicious files, URLs, domains, and IP addresses.

PowerShell1246 years ago

censys-python

A lightweight Python wrapper for Censys APIs, enabling search, bulk data access, and ASM asset management.

Python46413 days ago

libcrafter

A high-level C++ library for crafting, decoding, and sniffing network packets with a Scapy-like interface.

C++3126 months ago

Orchestration, Automation, and Response (SOAR)

1 projects

Shuffle

shuffler.io

Cloud platform security

7 projects

Aaia

Visualizes AWS IAM and Organizations as a graph using Neo4j to identify security anomalies and privilege escalation paths.

Python2974 months ago

Principal Mapper (PMapper)

A tool for quickly evaluating IAM permissions and identifying security risks in AWS accounts through graph-based analysis.

Python1,5601 year ago

Prowler

An open-source cloud security platform that automates security and compliance assessments across AWS, Azure, GCP, and other cloud providers.

Python13,9551 day ago

Scout Suite

An open-source multi-cloud security auditing tool that assesses cloud environment security posture via provider APIs.

Python7,6848 months ago

gvisor

An application kernel for containers that provides strong isolation by implementing a Linux-like interface in memory-safe Go.

Go18,4791 day ago

Distributed monitoring

5 projects

Kubernetes

11 projects

Managed Kubernetes Inspection Tool (MKIT)

A security inspection tool for managed Kubernetes clusters that identifies common misconfigurations via Docker container and web UI.

Dockerfile3964 years ago

Polaris

polaris.docs.fairwinds.com

Sealed Secrets

A Kubernetes controller and tool for encrypting Secrets into SealedSecrets that can be safely stored in Git.

Go9,1356 days ago

certificate-expiry-monitor

A Kubernetes-native utility that monitors TLS certificate expiry and exposes metrics to Prometheus.

Go1694 years ago

k-rail

A Kubernetes admission controller that enforces security and reliability policies for workloads in multi-tenant clusters.

Go4403 years ago

kube-forensics

A Kubernetes operator that creates checkpoint snapshots of running pods for offline forensic analysis after security incidents.

Go2321 year ago

kube-hunter

kube-hunter.aquasec.com

kubernetes-event-exporter

Export Kubernetes events to multiple destinations like Elasticsearch, Slack, and Opsgenie with flexible routing and filtering.

Go1,0463 years ago

Meshes

2 projects

Communications security (COMSEC)

5 projects

GPG Sync

Automatically sync OpenPGP public keys across an organization to simplify GPG key management.

Python3503 years ago

Geneva (Genetic Evasion)

DevSecOps

16 projects

Bane

A custom AppArmor profile generator for Docker containers that simplifies security configuration.

Go1,2325 years ago

blackbox

A simple wrapper for GPG to encrypt secrets in version control systems like Git, Mercurial, and Subversion.

Static vulnerability analysis for container images (OCI/Docker) via an API that indexes and matches against known security flaws.

Go11,0015 days ago

CodeQL

securitylab.github.com

A comprehensive security scanner that finds vulnerabilities, misconfigurations, secrets, and SBOMs in containers, Kubernetes, code, and clouds.

A Helm plugin that manages secrets using Git workflows and integrates with cloud secret managers.

aquasecurity.github.io

Application or Binary Hardening

4 projects

Compliance testing and reporting

2 projects

Dependency confusion

1 projects

Dependency Combobulator

An open-source, modular framework to detect and prevent dependency confusion attacks across multiple package managers.

Python962 years ago

Fuzzing

3 projects

A self-hosted Fuzzing-As-A-Service platform for continuous developer-driven fuzzing to harden software prior to release.

C#2,8262 years ago

Policy enforcement

5 projects

AllStar

A GitHub App that continuously monitors and enforces security policies across organizations and repositories.

Go1,4286 days ago

Conftest

conftest.dev

Open Policy Agent (OPA)

A stateless server for binding data decryption to network presence using asymmetric cryptography, providing a secure alternative to key escrow.

C7031 year ago

Supply chain security

3 projects

Grafeas

grafeas.io

Notary

A client and server implementation of The Update Framework (TUF) for securing software distribution and updates.

Go3,2901 year ago

in-toto

in-toto.io

Honeypots

3 projects

CanaryTokens

Deploy honeytokens across your network to detect unauthorized access and data exfiltration attempts.

Python2,0732 days ago

Kushtaka

kushtaka.org

Manuka

A modular OSINT honeypot that monitors adversary reconnaissance attempts and generates early-warning intelligence for blue teams.

Shell3483 years ago

Tarpits

2 projects

Endlessh

An SSH tarpit that slowly sends an endless banner to trap and waste attackers' time.

C8,4712 years ago

LaBrea

labrea.sourceforge.net

Related Awesome Lists

📦

Hacking

The "Awesome Hacking" project is a curated resource list designed for those interested in the field of hacking, which involves exploring and exploiting vulnerabilities in computer systems and networks. This list encompasses a wide range of categories, including penetration testing tools, ethical hacking tutorials, security research papers, and community forums. It serves as a valuable resource for beginners looking to learn the basics of cybersecurity, as well as experienced professionals seeking advanced techniques and tools. Whether you are aiming to enhance your skills or stay updated on the latest security trends, this collection offers a wealth of information to support your hacking journey.

16.1k

📦

Security

The "Awesome Security" project is a curated collection of resources focused on enhancing security practices in the digital realm. This list encompasses a wide range of categories including security tools, libraries, frameworks, tutorials, and best practices for various platforms and technologies. It is designed to benefit security professionals, developers, and system administrators alike, providing valuable insights and tools to safeguard applications and data. Whether you are a beginner looking to understand security fundamentals or an experienced practitioner seeking advanced techniques, this project offers a wealth of information to help you improve your security posture and protect your digital assets.

14.2k

📦

Malware Analysis

The "Awesome Malware Analysis" project is a curated resource list designed to assist security professionals and researchers in the field of malware analysis. Malware analysis involves examining malicious software to understand its behavior, functionality, and impact. This list includes tools for static and dynamic analysis, reverse engineering resources, malware databases, and educational materials such as tutorials and courses. It is valuable for both beginners looking to learn the basics and experienced analysts seeking advanced techniques and tools. Users can find a wealth of resources to enhance their skills and improve their malware analysis capabilities.

13.6k

📦

Web Security

The "Awesome Web Security" project is a curated collection of resources focused on the security of web applications and services. Web security encompasses practices and technologies designed to protect websites and online services from cyber threats, vulnerabilities, and attacks. This list includes tools for penetration testing, secure coding practices, frameworks, libraries, and educational materials such as articles and tutorials. It is valuable for developers, security professionals, and researchers who seek to enhance their understanding of web security and implement robust security measures. Users can find essential tools and knowledge to safeguard their web applications effectively and stay ahead of potential threats.

13.2k

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub