Alternatives and similar repositories for Magic-Unicorn-Tool

Users that are interested in Magic-Unicorn-Tool are comparing it to the libraries listed below

• bromiley / olaf

  View on GitHub
  Office365 Log Analysis Framework
  ☆81Jun 6, 2019Updated 6 years ago
• jaredhaight / scripts

  View on GitHub
  A collection of scripts that I've written while pentesting.
  ☆31Aug 3, 2018Updated 7 years ago
• JoeyRentenaar / Office-365-Extractor

  View on GitHub
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆160Mar 27, 2023Updated 2 years ago
• GoFetchAD / GoFetch

  View on GitHub
  GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
  ☆634Jun 20, 2017Updated 8 years ago
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆349Mar 19, 2021Updated 4 years ago
• LogRhythm-Labs / PIE

  View on GitHub
  The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365
  ☆180Apr 13, 2020Updated 5 years ago
• uber-common / metta

  View on GitHub
  An information security preparedness tool to do adversarial simulation.
  ☆1,142Apr 1, 2019Updated 6 years ago
• CrowdStrike / Forensics

  View on GitHub
  Scripts and code referenced in CrowdStrike blog posts
  ☆336Nov 13, 2019Updated 6 years ago
• Invoke-IR / PowerForensics

  View on GitHub
  PowerForensics provides an all in one platform for live disk forensic analysis
  ☆1,428Nov 16, 2023Updated 2 years ago
• DanMcInerney / icebreaker

  View on GitHub
  Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
  ☆1,194Oct 24, 2018Updated 7 years ago
• mattifestation / CimSweep

  View on GitHub
  CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…
  ☆657Aug 19, 2019Updated 6 years ago
• l0ss / Grouper

  View on GitHub
  A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
  ☆737Feb 5, 2019Updated 7 years ago
• Invoke-IR / Uproot

  View on GitHub
  Currently not updated for WMIEvent module...
  ☆262Feb 23, 2016Updated 9 years ago
• Cybereason / Invoke-WMILM

  View on GitHub
  ☆230May 10, 2018Updated 7 years ago
• mandiant / GeoLogonalyzer

  View on GitHub
  GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.
  ☆196Aug 12, 2024Updated last year
• 0xAnalyst / Sysmon

  View on GitHub
  Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
  ☆55Jul 10, 2024Updated last year
• orlikoski / CyLR

  View on GitHub
  CyLR - Live Response Collection Tool
  ☆708Jun 1, 2022Updated 3 years ago
• LMGsec / O365-Lockdown

  View on GitHub
  Secure and log *available* activities in your Microsoft Office 365 environment
  ☆39Aug 21, 2018Updated 7 years ago
• hausec / ADAPE-Script

  View on GitHub
  Active Directory Assessment and Privilege Escalation Script
  ☆1,130Dec 7, 2022Updated 3 years ago
• nullbind / Other-Projects

  View on GitHub
  This project is just a dumping ground for random scripts I've developed.
  ☆139Aug 14, 2024Updated last year
• OmerYa / Named-Pipe-Sniffer

  View on GitHub
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Nov 15, 2016Updated 9 years ago
• tehsyntx / loffice

  View on GitHub
  Lazy Office Analyzer
  ☆121Feb 15, 2017Updated 9 years ago
• giMini / NOAH

  View on GitHub
  PowerShell No Agent Hunting
  ☆111Apr 23, 2018Updated 7 years ago
• TryCatchHCF / DumpsterFire

  View on GitHub
  "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security …
  ☆1,035May 27, 2020Updated 5 years ago
• api0cradle / LOLBAS

  View on GitHub
  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
  ☆1,612Dec 10, 2018Updated 7 years ago
• orlikoski / Skadi

  View on GitHub
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆504Oct 21, 2022Updated 3 years ago
• JohnLaTwC / PyPowerShellXray

  View on GitHub
  Python script to decode common encoded PowerShell scripts
  ☆217Jun 13, 2018Updated 7 years ago
• morphuslabs / distinct

  View on GitHub
  Find potential Indicators of Compromise among similar Linux servers
  ☆29Oct 28, 2017Updated 8 years ago
• palantir / windows-event-forwarding

  View on GitHub
  A repository for using windows event forwarding for incident detection and response
  ☆1,296Sep 8, 2025Updated 5 months ago
• JohnLaTwC / MacroJob

  View on GitHub
  Proof of concept VBA code to add to Normal.dot to put restrictions on Word
  ☆40Dec 20, 2016Updated 9 years ago
• n0dec / MalwLess

  View on GitHub
  Test Blue Team detections without running any attack.
  ☆272May 2, 2024Updated last year
• skorov / ridrelay

  View on GitHub
  Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
  ☆401May 20, 2020Updated 5 years ago
• mgreen27 / Invoke-LiveResponse

  View on GitHub
  Invoke-LiveResponse
  ☆150Feb 22, 2022Updated 3 years ago
• certsocietegenerale / IRM-deprecated

  View on GitHub
  Incident Response Methodologies
  ☆1,018Aug 2, 2018Updated 7 years ago
• cryps1s / DARKSURGEON

  View on GitHub
  DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.
  ☆469Jul 21, 2020Updated 5 years ago
• xFreed0m / KatzKatz

  View on GitHub
  Python3 script to parse txt files containing Mimikatz output
  ☆99Jun 19, 2020Updated 5 years ago
• EmpireProject / Empire-GUI

  View on GitHub
  Empire client application
  ☆502Mar 10, 2022Updated 3 years ago
• francisck / DanderSpritz_lab

  View on GitHub
  A fully functional DanderSpritz lab in 2 commands
  ☆447May 16, 2019Updated 6 years ago
• DissectMalware / MalwareCMDMonitor

  View on GitHub
  Shows command lines used by latest instances analyzed on Hybrid-Analysis
  ☆42Sep 18, 2018Updated 7 years ago