
Tools/Resources

Last updated 3 years ago

Competition ONLY tools

You don't want to use these on production servers.

Mallard

Mallard is my personal blue team tool written in Golang. Its main focus is on automating my 5-minute plan and preventing new connections/sessions to the scored machine: https://github.com/F1shh-sec/BlueTeamTools

Bandaid

Awesome blue team tool created by mdbook, focused on protecting scored services and maintaining persistent uptime: https://github.com/Mdbook/bandaid

General Tools

For Windows blue teaming, proficiency with Sysinternals really cannot be beat:

  • Windows Defense/auditing: Sysinternals

Basic Static Analysis

  • Exe Dependencies: Dependency Walker

  • Exe Inspector: PE Studio

  • Exe Inspector: PEiD

  • Exe Inspector: PEView

  • File Inspector: Resource Hacker

  • Packer/Unpacker: UPX

  • Metadata Viewer: ExifTool, ExifTool GUI

  • MD5 Hasher: MD5Deep

Advanced Static

Basic Dynamic

Advanced Dynamic

Resources

  • .NET Disassembler/decompiler: dnSpy

  • Disassembler: IDA 5.0

  • Disassembler: IDA 7.0

  • Hex Editor: HxD

  • DNS Spoofer / Phony DNS: ApateDNS

  • View Autorun Processes: Autoruns

  • Process Explorer: Process Explorer

  • Process Monitor: Process Monitor

  • Windows Registry Snapshot: Regshot

  • TCP/IP proxy/spoofer: Netcat

  • Packet Sniffer: Wireshark

  • Process Inspector: Process Hacker 2

  • NSA Made Decompiler: Ghidra

  • Process pointer Inspector: Cheat Engine

  • Debugger: OllyDbg

  • Debugger: x64dbg

  • Debugger: Immunity Debugger

  • Snort Cheat sheet: THM Snort