KITT - An Open Source PowerShell O365 Business Email Compromise Investigation Tool
☆116 | Jun 23, 2020 | Updated 5 years ago
Alternatives and similar repositories for KITT-O365-Tool
Users that are interested in KITT-O365-Tool are comparing it to the libraries listed below
- A scanner to detect the use of stolen FireEye red team tools | ☆20 | Dec 18, 2020 | Updated 5 years ago
- Script to show info on AD computers, and show what switch ports they are plugged into | ☆20 | Jul 13, 2020 | Updated 5 years ago
- ☆332 | Dec 8, 2022 | Updated 3 years ago
- A C# tool to send emails through Outlook from the command line or in memory | ☆32 | Jun 17, 2020 | Updated 5 years ago
- Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en… | ☆1,429 | Dec 27, 2022 | Updated 3 years ago
- ☆12 | Oct 29, 2025 | Updated 4 months ago
- PowerShell Based tool for gathering information related to O365 intrusions and potential Breaches | ☆929 | Mar 9, 2026 | Updated last week
- OSSEM Modular | ☆27 | Jun 29, 2020 | Updated 5 years ago
- dankAlerts is powered by Sysmon and Memes. Would you notice if a suspicious process was recorded in the event log? | ☆18 | Jun 24, 2020 | Updated 5 years ago
- SQL scripts for querying event logs | ☆21 | Jul 12, 2017 | Updated 8 years ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of… | ☆279 | Feb 2, 2021 | Updated 5 years ago
- Random scripts | ☆60 | Mar 9, 2026 | Updated last week
- adding a backdooruser using win32api | ☆80 | Sep 3, 2020 | Updated 5 years ago
- Quick script to build host or investigation timelines using Carbon Black Response | ☆12 | Sep 25, 2018 | Updated 7 years ago
- A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities | ☆202 | Nov 8, 2020 | Updated 5 years ago
- A way to manage Group Policy Preferences through PowerShell | ☆39 | Jan 25, 2026 | Updated last month
- A bash script to check for updates on macOS and notify users via JAMF Helper windows. | ☆20 | Aug 18, 2022 | Updated 3 years ago
- ☆152 | Jun 5, 2024 | Updated last year
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan | ☆17 | Sep 4, 2021 | Updated 4 years ago
- PowerShell / C# based cross platform forensic framework based for live incident response | ☆23 | Jul 5, 2020 | Updated 5 years ago
- Red Team C2 Infrastructure built in AWS using Ansible! | ☆232 | Oct 4, 2020 | Updated 5 years ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) | ☆267 | Feb 3, 2022 | Updated 4 years ago
- ☆25 | Jun 28, 2019 | Updated 6 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API | ☆31 | Mar 15, 2022 | Updated 4 years ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) | ☆160 | Mar 27, 2023 | Updated 2 years ago
- ☆19 | Sep 21, 2020 | Updated 5 years ago
- Bloodhound Reporting for Blue and Purple Teams | ☆1,281 | Nov 15, 2025 | Updated 4 months ago
- Contact: CRT@crowdstrike.com | ☆749 | Apr 27, 2023 | Updated 2 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps. | ☆25 | May 20, 2023 | Updated 2 years ago
- ☆17 | Aug 24, 2020 | Updated 5 years ago
- ☆13 | Jan 25, 2023 | Updated 3 years ago
- PowerShell Wrapper for the Auvik API | ☆13 | Aug 19, 2022 | Updated 3 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances… | ☆64 | Sep 13, 2023 | Updated 2 years ago
- Detect possible sysmon logging bypasses given a specific configuration | ☆111 | Dec 26, 2018 | Updated 7 years ago
- automated penetration toolkit | ☆12 | Jul 9, 2016 | Updated 9 years ago
- ☆12 | Mar 24, 2018 | Updated 7 years ago
- POC for .NET mssql client for accessing database data through beacon | ☆64 | Sep 12, 2023 | Updated 2 years ago
- ☆226 | Nov 9, 2023 | Updated 2 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies | ☆325 | Apr 8, 2023 | Updated 2 years ago