A dataset containing Office 365 Unified Audit Logs for security research and detection
☆60 · Jun 7, 2022 · Updated 4 years ago
Alternatives and similar repositories for o365_dataset
Users that are interested in o365_dataset are comparing it to the libraries listed below.
- ☆72 · Oct 21, 2024 · Updated last year
- This repository contains the research and components of our research into using Sigma for AWS Incident Response. ☆34 · Jul 12, 2023 · Updated 2 years ago
- A dataset with CloudTrail events from an attack simulation using Stratus. ☆27 · Jul 12, 2023 · Updated 2 years ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of… ☆280 · Feb 2, 2021 · Updated 5 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 ☆24 · Oct 9, 2024 · Updated last year
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of … ☆200 · Jan 6, 2026 · Updated 5 months ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆181 · Mar 2, 2026 · Updated 3 months ago
- Public script from SANS FOR509 Enterprise Cloud Incident Response ☆230 · Oct 26, 2025 · Updated 7 months ago
- /ˈhäjˌpäj/ "a confused mixture." ☆16 · Jun 1, 2026 · Updated 2 weeks ago
- Repository with supporting materials for Invictus Academy/Training ☆44 · Jan 3, 2025 · Updated last year
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets. ☆14 · May 22, 2024 · Updated 2 years ago
- 2021 SANS DFIR Summit: Greppin' Logs ☆20 · Oct 30, 2025 · Updated 7 months ago
- ☆30 · Jan 13, 2026 · Updated 5 months ago
- KQL queries for Incident Response ☆14 · Oct 31, 2023 · Updated 2 years ago
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes. ☆822 · Jun 9, 2026 · Updated last week
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… ☆110 · Apr 8, 2026 · Updated 2 months ago
- Snort_rules detection bad actors. ☆29 · Aug 18, 2024 · Updated last year
- Kerberos Haters Guide to Zeek Threat Hunting ☆34 · Oct 14, 2021 · Updated 4 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems ☆80 · Jan 9, 2024 · Updated 2 years ago
- ☆21 · Nov 19, 2025 · Updated 7 months ago
- Here are some tools I developed to help analyze malware ☆11 · Nov 8, 2023 · Updated 2 years ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. ☆84 · Jan 6, 2026 · Updated 5 months ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) ☆270 · Feb 3, 2022 · Updated 4 years ago
- Personal settings for X-Ways Forensics ☆35 · Apr 28, 2022 · Updated 4 years ago
- A Windows registry file parser written in Rust ☆40 · Oct 30, 2025 · Updated 7 months ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus… ☆43 · Sep 21, 2023 · Updated 2 years ago
- Repository for storage of Axon Rapid Response related queries, scripts and more ☆10 · Jul 22, 2025 · Updated 10 months ago
- Share Information about Microsoft Security Products ☆102 · Jun 12, 2026 · Updated last week
- Repository of attack and defensive information for Business Email Compromise investigations ☆276 · Apr 19, 2026 · Updated 2 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare … ☆199 · Oct 29, 2025 · Updated 7 months ago
- Network analysis with Wireshark, is the topic in this repo! ☆14 · May 6, 2023 · Updated 3 years ago
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID ☆631 · Jun 3, 2026 · Updated 2 weeks ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- Notes on responding to security breaches relating to Azure AD ☆123 · Mar 14, 2022 · Updated 4 years ago
- ☆36 · Jan 11, 2023 · Updated 3 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆37 · Jul 11, 2023 · Updated 2 years ago
- my MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated last year
- Blueteam operational triage registry hunting/forensic tool. ☆148 · Sep 2, 2025 · Updated 9 months ago