Popular repositories
- Microsoft-Extractor-Suite Public
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
- aws-cheatsheet Public
A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
- o365_dataset Public
A dataset containing Office 365 Unified Audit Logs for security research and detection
Repositories
- Microsoft-Extractor-Suite Public
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
- aws-cheatsheet Public
A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
- Invictus-AWS Public
- ALFA Public
ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework.
- KQL-threat-hunting-queries Public Forked from cyb3rmik3/KQL-threat-hunting-queries
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).