counteractive / o365beatLinks
Elastic Beat for fetching and shipping Office 365 audit events
☆68Updated 5 years ago
Alternatives and similar repositories for o365beat
Users that are interested in o365beat are comparing it to the libraries listed below
Sorting:
- Security-Focused O365 Management and Log Scripts☆62Updated 3 years ago
- Logmira by Blumira has been created by Amanda Berlin as a helpful download of Microsoft Windows Domain Group Policy Object settings.☆62Updated last year
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆83Updated 2 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆45Updated 5 years ago
- Powering Up Incident Response with Power-Response☆63Updated 5 years ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic…☆227Updated 10 months ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago
- Scripts for comparing Microsoft Windows compliance with the ASD 1709 & Office 2016 Hardening Guides☆160Updated 6 years ago
- Sysmon configuration file template with default high-quality event tracing☆20Updated 4 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆55Updated 3 years ago
- Office365 Log Analysis Framework☆81Updated 6 years ago
- Credit to Helge Klein - https://helgeklein.com/blog/2015/02/creating-realistic-test-user-accounts-active-directory/☆99Updated 5 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 5 years ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)☆160Updated 2 years ago
- Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI☆200Updated 8 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆41Updated 5 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring☆116Updated 2 months ago
- PowerShell Module to interact with VirusTotal☆122Updated 5 years ago
- Implementing the CIS Critical Controls (almost) for Free☆87Updated 3 years ago
- ☆43Updated 2 years ago
- PowerShell Script for Windows Server Compliance / Security Configuration Audit☆63Updated 9 years ago
- ☆51Updated 5 years ago
- Collect / retrieve Office365, AzureAD and DLP audit logs and output to PRTG, Azure Log Analytics Workspace, SQL, Graylog, Fluentd, and/or…☆117Updated last year
- KITT - An Open Source PowerShell O365 Business Email Compromise Investigation Tool☆116Updated 5 years ago
- Sysmon Splunk App☆47Updated 7 years ago
- Azure Sentinel Template parser☆16Updated 5 years ago
- ☆58Updated 3 months ago
- ☆34Updated 4 years ago
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆42Updated 3 years ago