counteractive / o365beat
Elastic Beat for fetching and shipping Office 365 audit events
☆66Updated 4 years ago
Alternatives and similar repositories for o365beat:
Users that are interested in o365beat are comparing it to the libraries listed below
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆39Updated 4 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆44Updated 4 years ago
- ☆34Updated 3 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Security-Focused O365 Management and Log Scripts☆60Updated 2 years ago
- Powering Up Incident Response with Power-Response☆63Updated 5 years ago
- PowerShell Script for Windows Server Compliance / Security Configuration Audit☆61Updated 8 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 4 years ago
- Azure Sentinel Template parser☆16Updated 4 years ago
- Logmira by Blumira has been created by Amanda Berlin as a helpful download of Microsoft Windows Domain Group Policy Object settings.☆60Updated 5 months ago
- ☆58Updated last year
- Sysmon Splunk App☆46Updated 6 years ago
- Sysmon configuration file template with default high-quality event tracing☆20Updated 4 years ago
- PowerShell Module for automating Tenable Nessus Vulnerability Scanner.☆87Updated 2 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆64Updated 3 years ago
- ☆18Updated 6 years ago
- Personal repo for messing with scripts☆26Updated 3 years ago
- ☆41Updated last year
- Office365 Log Analysis Framework☆82Updated 5 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 6 years ago
- Ansible playbook for installing MineMeld on Linux☆48Updated 4 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆90Updated 3 years ago
- Cisco eStreamer client☆24Updated 2 years ago
- MineMeld nodes for MISP☆19Updated last year
- automate your MISP installs☆66Updated 4 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- PowerShell - Endpoint Analysis Solution Your Windows Intranet Needs☆46Updated 3 months ago
- Builds a hashmap of AD NTLM hashes/usernames and iterates through a second list of hashes checking for the existence of each entry in the…☆77Updated 4 years ago
- Powershell - web traffic whitenoise generator☆47Updated 4 years ago