Alternatives and similar repositories for o365AuditParser

Users that are interested in o365AuditParser are comparing it to the libraries listed below

• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆59Updated 7 months ago
• AndrewRathbun / DFIRRegex
  A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
  ☆107Updated 3 years ago
• AndrewRathbun / DFIRPowerShellScripts
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆51Updated last month
• ReconInfoSec / velociraptor-to-timesketch
  ☆14Updated last year
• acquiredsecurity / Sentinel-One-STAR-Rules-Threat-Hunts
  SentinelOne STAR Rules
  ☆71Updated last year
• PolarBearGod / CrowdStrike-RTR-Scripts
  ☆29Updated 4 years ago
• EricZimmerman / KapeDocs
  Documentation repository
  ☆47Updated last year
• EricZimmerman / SQLECmd
  ☆60Updated 2 weeks ago
• blueteam0ps / AllthingsTimesketch
  This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
  ☆118Updated 2 years ago
• gajos112 / PowerShell-Timeliner
  ☆12Updated 3 years ago
• PwC-IR / Business-Email-Compromise-Guide
  The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of…
  ☆277Updated 5 years ago
• EricZimmerman / Get-ZimmermanTools
  Get all my software
  ☆186Updated this week
• Digital-Forensics-Discord-Server / ArtifactParsers
  A repo that aims to centralize a current, running list of relevant parsers/tools for known DFIR artifacts
  ☆78Updated 3 months ago
• SentineLabs / S1QL-Queries
  ☆67Updated 2 years ago
• strozfriedberg / greppin-logs
  2021 SANS DFIR Summit: Greppin' Logs
  ☆20Updated 3 months ago
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆79Updated this week
• TazWake / Public
  Collection of scripts provided for public use
  ☆39Updated last week
• dlcowen / sansfor509
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆218Updated 3 months ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆121Updated 2 years ago
• ANSSI-FR / DFIR-O365RC
  PowerShell module for Office 365 and Azure log collection
  ☆280Updated 4 months ago
• AndrewRathbun / Awesome-KAPE
  A curated list of KAPE-related resources
  ☆179Updated 9 months ago
• WillOram / AzureAD-incident-response
  Notes on responding to security breaches relating to Azure AD
  ☆120Updated 3 years ago
• AtomicGaryBusey / AzureForensics
  ☆33Updated 4 years ago
• Dead-Simple-Scripts / AutoLLR
  Script to automate Linux live evidence collection
  ☆28Updated 3 years ago
• AndrewRathbun / EventTranscript.db-Research
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆43Updated 3 years ago
• CyberCX-DFIR / usnjrnl_rewind
  USN Journal full path builder
  ☆65Updated last year
• PwC-IR / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆266Updated 4 years ago
• brimorlabs / KStrike
  Stand-alone parser for User Access Logging from Server 2012 and newer systems
  ☆78Updated 2 years ago
• bk-cs / rtr
  Real-time Response scripts and schema
  ☆122Updated 3 months ago
• invictus-ir / o365_dataset
  A dataset containing Office 365 Unified Audit Logs for security research and detection
  ☆60Updated 3 years ago