Simple hunting script for suspicious M365 OAuth Apps
☆321Sep 23, 2025Updated 5 months ago
Alternatives and similar repositories for cazadora
Users that are interested in cazadora are comparing it to the libraries listed below
Sorting:
- Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconf…☆79Feb 25, 2025Updated last year
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆577Dec 6, 2025Updated 3 months ago
- BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potentia…☆193Feb 17, 2026Updated 2 weeks ago
- Troubleshooting MDE Workstations☆42Jan 7, 2026Updated last month
- Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)☆210Updated this week
- Automation to assess the state of your M365 tenant against CISA's baselines☆2,470Feb 27, 2026Updated last week
- ☆772May 7, 2025Updated 10 months ago
- Implement a powerful Tiering Security Model in Microsoft Entra for your Cloud Administrator identities using Azure Automation.☆51Feb 18, 2025Updated last year
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆323Oct 12, 2025Updated 4 months ago
- Discover a curated collection of scripts for Microsoft Azure and Microsoft 365 in this repository. Tailored for efficiency and automation…☆35Oct 21, 2025Updated 4 months ago
- CA Optics - Azure AD Conditional Access Gap Analyzer☆334Aug 28, 2024Updated last year
- ☆37Updated this week
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Jan 30, 2026Updated last month
- A PowerShell script that automates the security assessment of Microsoft 365 environments.☆646Apr 8, 2025Updated 10 months ago
- A Post-exploitation Toolset for Interacting with the Microsoft Graph API☆1,256Jul 22, 2025Updated 7 months ago
- Repository with supporting materials for Invictus Academy/Training☆44Jan 3, 2025Updated last year
- A tool for checking if MFA is enabled on multiple Microsoft Services☆1,635Mar 4, 2025Updated last year
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆382Jan 23, 2025Updated last year
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.☆771Updated this week
- PowerShell tools to help defenders hunt smarter, hunt harder.☆473Oct 29, 2025Updated 4 months ago
- Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft E…☆1,241Feb 27, 2026Updated last week
- Conditional Access Reporting☆29Apr 4, 2025Updated 11 months ago
- A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.☆895Jan 15, 2026Updated last month
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆1,033Dec 31, 2025Updated 2 months ago
- A red teaming attack paradigm against AI Agents☆32Mar 9, 2025Updated 11 months ago
- msuserstats is a comprehensive Powershell tool to manage accounts from Microsoft Entra ID and Active Directory. It supports: a unified vi…☆43Mar 13, 2025Updated 11 months ago
- EasyPIM let you manage PIM Azure Resource, Entra Role and Groups settings and assignments with simplicity☆220Feb 26, 2026Updated last week
- Tools for Microsoft cloud fans☆372Nov 26, 2024Updated last year
- PowerShell-based Automation of Defender for Endpoint☆187Jul 3, 2025Updated 8 months ago
- This repository contains various public projects created by the owners of Hybrid Brothers☆21Nov 3, 2023Updated 2 years ago
- Tooling for assessing an Azure AD tenant state and configuration☆831Jun 12, 2024Updated last year
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆816Feb 17, 2025Updated last year
- ScriptSentry finds misconfigured and dangerous logon scripts.☆624Feb 16, 2026Updated 2 weeks ago
- BloodHound Attack Research Kit☆585Mar 18, 2025Updated 11 months ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆924Feb 26, 2026Updated last week
- ☆263Feb 14, 2026Updated 2 weeks ago
- ☆402Updated this week
- PowerShell Digital Forensics & Incident Response Scripts.☆772Jan 14, 2026Updated last month
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆758Aug 28, 2025Updated 6 months ago