55 matches found
network-pentest-metasploitable2
Network / System Penetration Test — Metasploitable 2 !Type...
Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room
Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can use it. A patch waiting on a change-approval window that's longer than the exploitation window itself. Nobody in that...
cyber-operation-lab
Full-Spectrum Cyber Operation Lab: Red Team Execution & Blue T...
Security-Team---Workspace-
🛡️ Security Team Workspace El primer framework de cibersegur...
Design Principles for the Construction of a Benchmark Evaluating Security Operation Capabilities of Multi-Agent AI Systems
As Large Language Models (LLMs) and multi-agent AI systems are demonstrating increasing potential in cybersecurity operations, organizations, policymakers, model providers, and researchers in the AI and cybersecurity communities are interested in quantifying the capabilities of such AI systems to...
RvB: Automating AI System Hardening Via Iterative Red-Blue Games
The dual offensive and defensive utility of Large Language Models (LLMs) highlights a critical gap in AI security: the lack of unified frameworks for dynamic, iterative adversarial adaptation hardening. To bridge this gap, we propose the Red Team vs. Blue Team (RvB) framework, formulated as a...
Too salty to handle: Exposing cases of CSS abuse for hidden text salting
Cisco Talos has been closely monitoring the abuse of cascading style sheets (CSS) properties to include irrelevant content or salt in different parts of messages, a technique known as hidden text salting. This blog is a follow-up to our previous reports in January and March 2025 on CSS abuse in...
Benchmarking LLM-Assisted Blue Teaming Via Standardized Threat Hunting
As cyber threats continue to grow in scale and sophistication, blue team defenders increasingly require advanced tools to proactively detect and mitigate risks. Large Language Models (LLMs) offer promising capabilities for enhancing threat analysis. However, their effectiveness in real-world blue...
EvoMail: Self-Evolving Cognitive Agents for Adaptive Spam and Phishing Email Defense
Modern email spam and phishing attacks have evolved far beyond keyword blacklists or simple heuristics. Adversaries now craft multi-modal campaigns that combine natural-language text with obfuscated URLs, forged headers, and malicious attachments, adapting their strategies within days to bypass...
Exploit for Path Traversal in Rarlab Winrar
CVE-2025-8088 Python tool for safe archive handling, path trav...
Who's the Evil Twin? Differential Auditing for Undesired Behavior
Detecting hidden behaviors in neural networks poses a significant challenge due to minimal prior knowledge and potential adversarial obfuscation. We explore this problem by framing detection as an adversarial game between two teams: the red team trains two similar models, one trained solely on...
Benchmarking LLMs in an Embodied Environment for Blue Team Threat Hunting
As cyber threats continue to grow in scale and sophistication, blue team defenders increasingly require advanced tools to proactively detect and mitigate risks. Large Language Models (LLMs) offer promising capabilities for enhancing threat analysis. However, their effectiveness in real-world blue...
CVE-2024-41592
creationtimestamp | type | source
---|---|---
2024-10-03 21:38:19+00:00 | seen | https://t.me/cvedetector/6931
2024-12-16 13:40:18+00:00 | seen | https://t.me/truesecator/6544
2025-01-10 22:09:32+00:00 | seen | https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lfg7gqembb2q...
FalconHound - A Blue Team Multi-Tool. It Allows You To Utilize And Enhance The Power Of BloodHound In A More Automated Fashion
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. One of the challenging aspects of BloodHound is that it is a snapshot in time...
Bashfuscator - A Fully Configurable And Extendable Bash Obfuscation Framework
Documentation What is Bashfuscator? Bashfuscator is a modular and extendable Bash obfuscation framework written in Python 3. It provides numerous different ways of making Bash one-liners or scripts much more difficult to understand. It accomplishes this by generating convoluted, randomized Bash...
How Talos IR’s Purple Team can help you prepare for the worst-case scenario
Purple Team exercises are included within the Cisco Talos Incident Response Retainer service and our experts can help your organization find security holes before the bad guys can. As your trusted advisor, our purple team, which is a combination of both red and blue teams, emulates one joint atta...
Gato - GitHub Self-Hosted Runner Enumeration And Attack Tool
Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization. The tool also allows searching for and thoroughly enumerating publ...
RedditC2 - Abusing Reddit API To Host The C2 Traffic, Since Most Of The Blue-Team Members Use Reddit, It Might Be A Great Way To Make The Traffic Look Legit
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit. Disclaimer: Use of this project is for Educational/Testing purposes only. Using it on unauthorised machines is strictly forbidden. If somebody is...
dnsReaper - Subdomain Takeover Tool For Attackers, Bug Bounty Hunters And The Blue Team!
DNS Reaper is yet another sub-domain takeover tool, but with an emphasis on accuracy, speed and the number of signatures in our arsenal! We can scan around 50 subdomains per second, testing each one with over 50 takeover signatures. This means most organisations can scan their entire DNS estate i...
The Benefits of Building a Mature and Diverse Blue Team
A few days ago, a friend and I were having a rather engaging conversation that sparked my excitement. We were discussing my prospects of becoming a red teamer as a natural career progression. The reason I got stirred up is not that I want to change either my job or my position, as I am a happy...