counteractive / o365beatLinks
Elastic Beat for fetching and shipping Office 365 audit events
☆67Updated 4 years ago
Alternatives and similar repositories for o365beat
Users that are interested in o365beat are comparing it to the libraries listed below
Sorting:
- Security-Focused O365 Management and Log Scripts☆62Updated 2 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- Sysmon configuration file template with default high-quality event tracing☆20Updated 4 years ago
- Logmira by Blumira has been created by Amanda Berlin as a helpful download of Microsoft Windows Domain Group Policy Object settings.☆61Updated 10 months ago
- Powering Up Incident Response with Power-Response☆63Updated 5 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆44Updated 5 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆54Updated 3 years ago
- KITT - An Open Source PowerShell O365 Business Email Compromise Investigation Tool☆115Updated 5 years ago
- ☆42Updated 2 years ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic…☆224Updated 6 months ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI☆201Updated 7 years ago
- PowerShell Module to interact with VirusTotal☆121Updated 5 years ago
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring☆117Updated 5 years ago
- Office365 Log Analysis Framework☆81Updated 6 years ago
- ☆34Updated 4 years ago
- ☆50Updated 5 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆94Updated 3 years ago
- Scripts for comparing Microsoft Windows compliance with the ASD 1709 & Office 2016 Hardening Guides☆160Updated 5 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- Personal repo for messing with scripts☆26Updated 3 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 3 years ago
- Implementing the CIS Critical Controls (almost) for Free☆86Updated 3 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆166Updated 6 years ago
- Sysmon Splunk App☆47Updated 7 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆41Updated 4 years ago
- Find accounts using common and default passwords in Active Directory.☆69Updated 5 years ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆83Updated last year
- ☆55Updated 4 years ago
- Collection of resources related to the Center for Threat-Informed Defense☆76Updated last year