guardzcom/security-research-labs

GitHub: guardzcom/security-research-labs

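A multi-domain collection of security tools officially open-sourced by Guardz, covering purple-team exercises, AI security, M365/GWS cloud environment reconnaissance, and forensic analysis.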

Stars: 56 | Forks: 11

# Security Research Labs

**Tools, scripts, and research PoCs for purple team, red team, AI security, forensics, and cloud security. Authorized use only.**

[![GitHub stars](https://img.shields.io/github/stars/guardzcom/security-research-labs)](https://github.com/guardzcom/security-research-labs/stargazers)
[![GitHub release (latest by date)](https://img.shields.io/github/v/release/guardzcom/security-research-labs)](https://github.com/guardzcom/security-research-labs/releases)
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
[![Tools](https://img.shields.io/badge/tools-8-orange)](.)
[![Platform](https://img.shields.io/badge/Platform-Web%20%7C%20Windows%20%7C%20macOS%20%7C%20Linux-green)](.)
[![PowerShell](https://img.shields.io/badge/PowerShell-5.1%2B-blue?logo=powershell)](https://docs.microsoft.com/powershell/)
[![AI & Cloud](https://img.shields.io/badge/AI%20%26%20Cloud-OpenClaw%20%7C%20SkillScan%20%7C%20IOCs-orange?style=flat-square)](AI-Cloud-Tools/)
[![Purple Team](https://img.shields.io/badge/Purple%20Team-Detection%20testing-purple?style=flat-square)](Purple-Team-Emulation/)
[![M365](https://img.shields.io/badge/M365-Entra%20%7C%20Graph-blue?style=flat-square)](CloudAdversary/M365/)
[![Threat Intel](https://img.shields.io/badge/Threat%20Intel-IOCs%20%7C%20Hunting-red?style=flat-square)](Threat-Intel/)
[![GWS](https://img.shields.io/badge/GWS-Google%20Workspace-green?style=flat-square)](Purple-Team-Emulation/GWS/)

Security Research Labs is Guardz's official open-source security tool repository: configuration analyzers, Microsoft 365 / Entra reconnaissance scripts, purple-team detection emulation, and AI skill security. It is MIT licensed; each tool lives in a **dedicated folder with its own README**.

## GitHub Stats

Dynamic badges from the GitHub API (via [Shields.io](https://shields.io)) update automatically.

[![GitHub stars](https://img.shields.io/github/stars/guardzcom/security-research-labs?style=flat-square)](https://github.com/guardzcom/security-research-labs/stargazers)
[![GitHub forks](https://img.shields.io/github/forks/guardzcom/security-research-labs?style=flat-square)](https://github.com/guardzcom/security-research-labs/forks)
[![GitHub issues](https://img.shields.io/github/issues/guardzcom/security-research-labs?style=flat-square)](https://github.com/guardzcom/security-research-labs/issues)
[![GitHub language count](https://img.shields.io/github/languages/count/guardzcom/security-research-labs?style=flat-square)](https://github.com/guardzcom/security-research-labs)

## Repository Layout

| Category | Folder | Contents |
|----------|--------|----------|
| [![AI](https://img.shields.io/badge/AI-orange?style=flat-square)](AI-Cloud-Tools/) | [AI-Cloud-Tools/](AI-Cloud-Tools/) | AI: OpenClaw Analyzer, SkillScan. M365-Tools: OAuth IOCs checker. |
| [![Purple](https://img.shields.io/badge/Purple-purple?style=flat-square)](Purple-Team-Emulation/) | [Purple-Team-Emulation/](Purple-Team-Emulation/) | Endpoint: certutil, EDR telemetry simulator, Office macro tampering, BloodHound emulation, Nmap scan emulation. |
| [![M365](https://img.shields.io/badge/M365-blue?style=flat-square)](CloudAdversary/M365/) | [CloudAdversary/M365/](CloudAdversary/M365/) | DeviceStrike, SPO Ext Recon, GraphRunner QuickStart. |
| [![GWS](https://img.shields.io/badge/GWS-green?style=flat-square)](Purple-Team-Emulation/GWS/) | [Purple-Team-Emulation/GWS/](Purple-Team-Emulation/GWS/) | Google Workspace security tools (placeholder). |
| [![Threat Intel](https://img.shields.io/badge/Threat%20Intel-red?style=flat-square)](Threat-Intel/) | [Threat-Intel/](Threat-Intel/) | IOCs, detection artifacts, threat intelligence. |

## Who It's For

| Category | Audience | Use case |
|----------|----------|----------|
| [![Cloud](https://img.shields.io/badge/Cloud-blue?style=flat-square)](#) | **Cloud security** | Microsoft 365 and Google Workspace. |
| [![AI](https://img.shields.io/badge/AI-orange?style=flat-square)](#) | **AI security** | Securing AI assistants and agents: configuration hardening, exposure detection, supply chain and skill security. |
| [![Purple](https://img.shields.io/badge/Purple-purple?style=flat-square)](#) | **Purple team** | Hardening checks, configuration review, detection-oriented reconnaissance. |
| [![Red](https://img.shields.io/badge/Red-red?style=flat-square)](#) | **Red team** | Authorized reconnaissance, token flows, M365/cloud attack surface mapping. |
| [![Forensic](https://img.shields.io/badge/Forensic-darkblue?style=flat-square)](#) | **Forensics** | Evidence collection, mailbox/SharePoint/Teams search patterns, audit trails. |

## Security Model (Important)

## Support and Community

- **Bugs and features:** Open an issue. Use the issue templates where possible.
- **Security vulnerabilities:** Please do **not** report these in public issues. See SECURITY.md for private reporting.
- **Discussions:** If enabled, use GitHub Discussions to ask questions and share ideas; otherwise open an issue.
- **Contributing:** Pull requests are welcome. Please read CONTRIBUTING.md and CODE_OF_CONDUCT.md first.

We do not provide a formal SLA or commercial support; we respond on a best-effort basis.

## License

MIT License. Subdirectories may contain their own license files; where present, those apply to that project.