A set of Python scripts for finding threats in Office365
☆49 | Mar 27, 2023 | Updated 2 years ago
Alternatives and similar repositories for py365
Users that are interested in py365 are comparing it to the libraries listed below
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis. ☆10 | Sep 28, 2020 | Updated 5 years ago
- A packer project to generate Windows EVAL images to use it on test / dev / hack / IR labs ☆24 | Jan 3, 2021 | Updated 5 years ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) ☆160 | Mar 27, 2023 | Updated 2 years ago
- ☆10 | Dec 24, 2022 | Updated 3 years ago
- ☆23 | Jul 7, 2023 | Updated 2 years ago
- ☆24 | Aug 27, 2021 | Updated 4 years ago
- Threat Detection Rules (Snort/Sigma/Yara) ☆14 | Jan 23, 2024 | Updated 2 years ago
- An introduction to detection engineering ☆14 | Jan 3, 2025 | Updated last year
- Ivanti Connect Secure IFT TLS Stack Overflow pre-auth RCE (CVE-2025-0282) ☆31 | Jan 18, 2025 | Updated last year
- SDS011 pollution sensor + Wemos D1 mini pro + Micropython ☆13 | Jul 11, 2017 | Updated 8 years ago
- ☆18 | Jan 21, 2026 | Updated 2 months ago
- Library of python scripts to apply Data Science in several forensics artifacts ☆31 | Jul 16, 2020 | Updated 5 years ago
- Research into COM ☆19 | Jan 25, 2020 | Updated 6 years ago
- When CactusTorch meets WebDavDelivery and obfuscation ☆63 | Sep 19, 2017 | Updated 8 years ago
- All-in-one bundle of MISP, TheHive and Cortex ☆170 | Sep 27, 2022 | Updated 3 years ago
- ATTPwn ☆218 | Mar 9, 2024 | Updated 2 years ago
- Windows Update PowerShell tools ☆17 | Mar 13, 2018 | Updated 8 years ago
- Bash Enumeration Script ☆18 | Oct 18, 2019 | Updated 6 years ago
- ☆12 | Apr 14, 2021 | Updated 4 years ago
- A modular OSINT honeypot for blue teamers ☆342 | May 2, 2023 | Updated 2 years ago
- A collection of tips for using MISP. ☆76 | Dec 11, 2024 | Updated last year
- Resources for SANS CTI Summit 2021 presentation ☆104 | Nov 8, 2023 | Updated 2 years ago
- Audit and block PowerShell scripts. ☆22 | Sep 25, 2025 | Updated 5 months ago
- This script validates the most common Conditional Access policies in Microsoft 365. ☆10 | May 27, 2024 | Updated last year
- urlyzer is a URL parsing analysis tool. ☆24 | Jul 27, 2024 | Updated last year
- BinjaryNinja plugin for a ShellStorm like assembly/disassembly experience ☆17 | Nov 28, 2024 | Updated last year
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir… ☆22 | Jun 6, 2017 | Updated 8 years ago
- ☆80 | Apr 18, 2023 | Updated 2 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds ☆33 | Feb 6, 2024 | Updated 2 years ago
- A toolkit to attack Office365 ☆16 | Aug 1, 2019 | Updated 6 years ago
- collection template ref implementation ☆11 | Mar 13, 2025 | Updated last year
- ☆12 | Sep 4, 2013 | Updated 12 years ago
- Cheat sheets for threat hunting, detection and other stuff. ☆34 | Oct 7, 2022 | Updated 3 years ago
- A simple fuzzy matching set for python strings ☆10 | Nov 25, 2024 | Updated last year
- testing123 ☆13 | Nov 23, 2024 | Updated last year
- Your Browser-based EVTX Companion ☆114 | Mar 2, 2026 | Updated 2 weeks ago
- ☆18 | Jun 8, 2018 | Updated 7 years ago
- Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en… ☆1,429 | Dec 27, 2022 | Updated 3 years ago
- Unpacking and decryption tools for the Emotet malware ☆44 | Dec 5, 2021 | Updated 4 years ago