gutija

OneDriveExplorer

OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat and <UserCid>.dat.previous file.

Awesome-BEC

Repository of attack and defensive information for Business Email Compromise investigations

IRM

Incident Response Methodologies 2022

caOptics

CA Optics - Azure AD Conditional Access Gap Analyzer

Red-Team-Infrastructure-Wiki

Wiki to collect Red Team infrastructure hardening resources

monkey365

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

AzureADAssessment

Tooling for assessing an Azure AD tenant state and configuration

PingCastleCloud

Audit program for AzureAD

personal-security-checklist

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

Oh365UserFinder

Python3 o365 User Enumeration Tool

microsoft-365-docs

This repo is used to host the source for the Microsoft 365 documentation on https://docs.microsoft.com.

Microsoft-Sentinel-As-A-Code

Export Microsoft Sentinel artifacts like Analytical Rules, Hunting Queries, Workbooks in order to support new feature Repositories CI/CD Pipeline

Ghostwriter

The SpecterOps project management and reporting engine

mimalloc

mimalloc is a compact general purpose allocator with excellent performance.

Microsoft-Sentinel

Microsoft Sentinel related content

aadcookiespoof

Azure AD Identity Protection Cookie Spoofing

AzureADToolkit

PowerShell module to manage Azure Active Directory app credentials.

AzureHunter

A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

SysmonSimulator

Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.

Intune-Network-Drive-Mapping-Tool

Map on-premises network shares with Intune and the Microsoft Store for Business

Azure-MG-Sub-Governance-Reporting

Azure Governance Visualizer aka AzGovViz is a PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsoft Graph APIs.

Mandiant-Azure-AD-Investigator

Azure-Sentinel-Notebooks

Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

Stormspotter

Azure Red Team tool for graphing Azure and Azure Active Directory objects

Incident-Playbook

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

impacket

Impacket is a collection of Python classes for working with network protocols.

Virtual-Desktop-Optimization-Tool

The script and configuration files in this repository provide an easy method to customize and apply performance related settings to virtual desktop environments.

PowerShell

My PowerShell Stuff

MicrosoftTechTalk

Liste des requetés utilisées pendant les sessions Microsoft TechTalk / The list of queries presented during Microsoft TechTalk sessions

GPOZaurr

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.