Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features from the Office 365 Audit Log.
☆41 Oct 20, 2020 Updated 5 years ago
Alternatives and similar repositories for MIA-MailItemsAccessed-
Users that are interested in MIA-MailItemsAccessed- are comparing it to the libraries listed below
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) ☆267 Feb 3, 2022 Updated 4 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump) ☆16 Aug 21, 2016 Updated 9 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser ☆24 Jul 9, 2021 Updated 4 years ago
- Office365 Log Analysis Framework ☆81 Jun 6, 2019 Updated 6 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex. ☆28 Apr 22, 2023 Updated 2 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec… ☆21 Sep 6, 2022 Updated 3 years ago
- MalwareAnalysis ☆12 Dec 19, 2020 Updated 5 years ago
- Forensic cheatsheets for use with cheat ☆15 Dec 2, 2021 Updated 4 years ago
- Parser for Windows Scheduled Task files. ☆13 Apr 26, 2023 Updated 2 years ago
- Parser for Sdba memory pool tags ☆21 Jul 16, 2021 Updated 4 years ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches ☆924 Feb 26, 2026 Updated last week
- Entire CICD Architecture for Network Automation using Ansible Tower, GitLab, GitLab Runner, WebHooks ☆18 Apr 25, 2023 Updated 2 years ago
- A MITRE ATT&CK Lookup Tool ☆46 Apr 25, 2024 Updated last year
- Library of threat hunts to get any user started! ☆50 Sep 4, 2020 Updated 5 years ago
- Dissect triage scripts for Citrix NetScaler devices ☆69 Nov 17, 2025 Updated 3 months ago
- Another MISP module for Python ☆18 Feb 17, 2020 Updated 6 years ago
- A series of python scripts to extract information from SQLite Data Files ☆21 Nov 15, 2025 Updated 3 months ago
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched. ☆22 Jan 5, 2025 Updated last year
- A collection of scripts to facilitate management of Microsoft Defender XDR products + Sentinel. ☆31 Nov 11, 2025 Updated 3 months ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems ☆78 Jan 9, 2024 Updated 2 years ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch) ☆19 Jun 2, 2021 Updated 4 years ago
- Documentation used for Shuffle ☆21 Feb 27, 2026 Updated last week
- Best prompt usecase for Top App/Website Builder ☆26 Aug 30, 2025 Updated 6 months ago
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images ☆89 Aug 29, 2023 Updated 2 years ago
- Workflows for Shuffle ☆24 Oct 26, 2022 Updated 3 years ago
- Flubot DGA domains ☆19 Dec 1, 2021 Updated 4 years ago
- Powershell module for VMWare vSphere forensics ☆168 Nov 8, 2024 Updated last year
- Intune configuration files for MacOS Sonoma hardening ☆31 Dec 6, 2023 Updated 2 years ago
- Carbon Black Response IR tool ☆55 Dec 10, 2020 Updated 5 years ago
- Threat intelligence and threat detection indicators (IOC, IOA) ☆52 Nov 27, 2020 Updated 5 years ago
- Binary commandline executable to parse ETL files ☆69 Jun 7, 2018 Updated 7 years ago
- Python script to automatically create sigma rules from The hive observables ☆25 Mar 17, 2019 Updated 6 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆173 Updated this week