bromiley/olaf external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

bromiley/olaf

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/bromiley/olaf)

Close

bromiley / olafView on GitHubMore

• External links
• Readme badge

Office365 Log Analysis Framework

☆81Jun 6, 2019Updated 6 years ago

Alternatives and similar repositories for olaf

Users that are interested in olaf are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• yahoo / winjob

  View on GitHub
  Parser for Windows Scheduled Task files.
  ☆13Apr 26, 2023Updated 3 years ago
• LMGsec / Magic-Unicorn-Tool

  View on GitHub
  ☆262Jul 6, 2018Updated 7 years ago
• msuhanov / regf-samples

  View on GitHub
  Windows registry samples
  ☆24Nov 18, 2018Updated 7 years ago
• brimorlabs / KStrike

  View on GitHub
  Stand-alone parser for User Access Logging from Server 2012 and newer systems
  ☆80Jan 9, 2024Updated 2 years ago
• matthewdunwoody / block-parser

  View on GitHub
  Parser for Windows PowerShell script block logs
  ☆101Aug 4, 2024Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• PwC-IR / MIA-MailItemsAccessed-

  View on GitHub
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆42Oct 20, 2020Updated 5 years ago
• ANSSI-FR / DFIR-O365RC

  View on GitHub
  PowerShell module for Office 365 and Azure log collection
  ☆281Sep 22, 2025Updated 7 months ago
• airbus-cert / mispy

  View on GitHub
  Another MISP module for Python
  ☆18Feb 17, 2020Updated 6 years ago
• CIRCL / cuckoo-modified

  View on GitHub
  Modified edition of cuckoo
  ☆18Feb 14, 2018Updated 8 years ago
• tedhardyMSFT / EventLogUtilities

  View on GitHub
  Set of utilities for getting information about Windows Events
  ☆15Jun 5, 2018Updated 7 years ago
• forensiclunch / ETLParser

  View on GitHub
  Binary commandline executable to parse ETL files
  ☆69Jun 7, 2018Updated 7 years ago
• iandday / o365AuditParser

  View on GitHub
  Microsoft Office365 Protection Center Audit Log Parser
  ☆27Jul 17, 2023Updated 2 years ago
• davidpany / WMI_Forensics

  View on GitHub
  ☆312Aug 14, 2020Updated 5 years ago
• Invoke-IR / PowerForensicsPortable

  View on GitHub
  ☆33Nov 21, 2024Updated last year
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• MalwareArchaeology / ARTHIR

  View on GitHub
  ATT&CK Remote Threat Hunting Incident Response
  ☆206Dec 8, 2024Updated last year
• PwC-IR / Business-Email-Compromise-Guide

  View on GitHub
  The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of…
  ☆279Feb 2, 2021Updated 5 years ago
• PwC-IR / Office-365-Extractor

  View on GitHub
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆270Feb 3, 2022Updated 4 years ago
• andrewkrug / fargate-ir

  View on GitHub
  Proof of concept incident response demo using SSM and AWS Fargate.
  ☆14Dec 5, 2019Updated 6 years ago
• Velocidex / evtx-data

  View on GitHub
  Publicly shareable windows event log message data
  ☆29Nov 29, 2019Updated 6 years ago
• orlikoski / Skadi

  View on GitHub
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆506Oct 21, 2022Updated 3 years ago
• grayfold3d / POSH-Triage

  View on GitHub
  Tools for parsing Forensic images
  ☆41Dec 14, 2018Updated 7 years ago
• jschicht / MftCarver

  View on GitHub
  Carve $MFT records from a chunk of data (for instance a memory dump)
  ☆16Aug 21, 2016Updated 9 years ago
• CrowdStrike / Forensics

  View on GitHub
  Scripts and code referenced in CrowdStrike blog posts
  ☆340Nov 13, 2019Updated 6 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• JoeyRentenaar / Office-365-Extractor

  View on GitHub
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆160Mar 27, 2023Updated 3 years ago
• glassdfir / SysmonMapper

  View on GitHub
  Maps process creation logged by Sysmon uses Google Org Chart API
  ☆23Mar 5, 2016Updated 10 years ago
• ydkhatri / Presentations

  View on GitHub
  Slides and material from my conference presentations
  ☆16Mar 30, 2024Updated 2 years ago
• caschnee / misp-use-cases

  View on GitHub
  ☆14May 30, 2018Updated 7 years ago
• mnrkbys / vss_carver

  View on GitHub
  Carves and recreates VSS catalog and store from Windows disk image.
  ☆100Jan 24, 2023Updated 3 years ago
• appliedsec / forensicscanner

  View on GitHub
  Forensic Scanner
  ☆41Nov 29, 2012Updated 13 years ago
• devgc / GcLinkParser

  View on GitHub
  A GC link parser for both linkfiles and jumplists.
  ☆18Oct 28, 2016Updated 9 years ago
• MHaggis / app_splunk_sysmon_hunter

  View on GitHub
  Splunk App to assist Sysmon Threat Hunting
  ☆38Mar 7, 2017Updated 9 years ago
• ThreatResponse / margaritashotgun

  View on GitHub
  Remote Memory Acquisition Tool
  ☆253Sep 22, 2020Updated 5 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• MarkBaggett / srum-dump

  View on GitHub
  A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.
  ☆744Jun 5, 2025Updated 10 months ago
• truekonrads / kpulp

  View on GitHub
  Konrads' Pen-Ultimate (Windows) Log File Parser
  ☆14Dec 27, 2025Updated 4 months ago
• dwmetz / Axiom-PowerShell

  View on GitHub
  PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.
  ☆12Aug 26, 2024Updated last year
• CrowdStrike / xwf-yara-scanner

  View on GitHub
  ☆93Jul 30, 2025Updated 9 months ago
• CERT-Bund / misp-warninglists-analyzer

  View on GitHub
  Checks observables/ioc in TheHive/Cortex against the MISP warningslists
  ☆14Dec 27, 2017Updated 8 years ago
• FixTheExchange / Invoke-ExchangeWebShellHunter

  View on GitHub
  PowerShell script for hunting webshells on Microsoft Exchange Servers.
  ☆56Feb 1, 2017Updated 9 years ago
• voxpupuli / puppet-misp

  View on GitHub
  This module installs and configures MISP (Malware Information Sharing Platform)
  ☆14Apr 14, 2026Updated 2 weeks ago