JoeyRentenaar / Office-365-Extractor
The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
☆157Updated last year
Related projects: ⓘ
- Scripts for comparing Microsoft Windows compliance with the ASD 1709 & Office 2016 Hardening Guides☆156Updated 4 years ago
- Sysmon Tools for PowerShell☆229Updated 6 years ago
- PowerShell script to find 'vulnerable' security-related GPOs that should be hardended☆193Updated 6 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆59Updated 9 months ago
- Office365 Log Analysis Framework☆81Updated 5 years ago
- ☆246Updated 4 months ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆158Updated 5 years ago
- Invoke-LiveResponse☆145Updated 2 years ago
- Powering Up Incident Response with Power-Response☆62Updated 4 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated last year
- Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI☆200Updated 6 years ago
- PowerShell module for creating and managing Sysinternals Sysmon config files.☆207Updated 3 years ago
- ☆71Updated this week
- Microsoft Threat Protection Advance Hunting Cheat Sheet☆76Updated 4 years ago
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring☆116Updated 4 years ago
- PowerShell based Active Directory Honey User Account Management with Universal Dashboards☆139Updated 5 years ago
- Parser for Windows PowerShell script block logs☆94Updated last month
- Sysmon configuration☆66Updated 6 years ago
- PowerShell Module to interact with VirusTotal☆115Updated 4 years ago
- A PowerShell script that aims to have a fully configured domain built in under 10 minutes, but also apply security configuration and hard…☆197Updated 3 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆86Updated 2 years ago
- A series of scripts☆95Updated 2 years ago
- Powershell Threat Hunting Module☆274Updated 7 years ago
- ☆80Updated this week
- The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.☆90Updated 6 years ago
- PowerShell No Agent Hunting☆107Updated 6 years ago
- ☆84Updated this week
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.☆133Updated 5 years ago
- Smb Scanner from PingCastle☆118Updated 5 years ago
- Splunk Technology Add-On (TA) for collecting ETW events from Windows systems☆17Updated last year