A dataset containing Office 365 Unified Audit Logs for security research and detection
☆58Jun 7, 2022Updated 3 years ago
Alternatives and similar repositories for o365_dataset
Users that are interested in o365_dataset are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆72Oct 21, 2024Updated last year
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of…☆279Feb 2, 2021Updated 5 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆24Oct 9, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆201Jan 6, 2026Updated 3 months ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆176Mar 2, 2026Updated last month
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆227Oct 26, 2025Updated 5 months ago
- /ˈhäjˌpäj/ "a confused mixture."☆13Apr 10, 2026Updated last week
- Repository with supporting materials for Invictus Academy/Training☆44Jan 3, 2025Updated last year
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- 2021 SANS DFIR Summit: Greppin' Logs☆20Oct 30, 2025Updated 5 months ago
- ☆30Jan 13, 2026Updated 3 months ago
- KQL queries for Incident Response☆14Oct 31, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.☆789Mar 25, 2026Updated 3 weeks ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆107Apr 8, 2026Updated last week
- Snort_rules detection bad actors.☆29Aug 18, 2024Updated last year
- Kerberos Haters Guide to Zeek Threat Hunting☆34Oct 14, 2021Updated 4 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆80Jan 9, 2024Updated 2 years ago
- ☆21Nov 19, 2025Updated 5 months ago
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆83Jan 6, 2026Updated 3 months ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)☆269Feb 3, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A Windows registry file parser written in Rust☆41Oct 30, 2025Updated 5 months ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆43Sep 21, 2023Updated 2 years ago
- Repository of attack and defensive information for Business Email Compromise investigations☆276May 10, 2025Updated 11 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆195Oct 29, 2025Updated 5 months ago
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆583Apr 11, 2026Updated last week
- Network analysis with Wireshark, is the topic in this repo!☆14May 6, 2023Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- Notes on responding to security breaches relating to Azure AD☆123Mar 14, 2022Updated 4 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆36Jan 11, 2023Updated 3 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- my MSTICpy practice and custom tools repository☆11Apr 23, 2025Updated 11 months ago
- Blueteam operational triage registry hunting/forensic tool.☆149Sep 2, 2025Updated 7 months ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year
- Documentation and scripts to properly enable Windows event logs.☆692Oct 3, 2025Updated 6 months ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆93Sep 7, 2023Updated 2 years ago