Skip to content
@invictus-ir

Invictus Incident Response

Popular repositories Loading

  1. Microsoft-Extractor-Suite Microsoft-Extractor-Suite Public

    A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

    PowerShell 682 100

  2. Invictus-AWS Invictus-AWS Public

    A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of incident response.

    Python 192 16

  3. ALFA ALFA Public

    ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit …

    Python 165 25

  4. aws-cheatsheet aws-cheatsheet Public

    A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.

    76 17

  5. Blue-team-app-Office-365-and-Azure Blue-team-app-Office-365-and-Azure Public

    73 10

  6. o365_dataset o365_dataset Public

    A dataset containing Office 365 Unified Audit Logs for security research and detection

    52 6

Repositories

Showing 10 of 21 repositories
  • IOCs Public

    Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more

    invictus-ir/IOCs’s past year of commit activity
    12 0 0 0 Updated Aug 19, 2025
  • KubeForenSys Public

    A Kubernetes Forensic Collection Framework for Azure Kubernetes Service

    invictus-ir/KubeForenSys’s past year of commit activity
    Python 34 GPL-2.0 3 0 0 Updated Aug 15, 2025
  • Microsoft-Extractor-Suite Public

    A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

    invictus-ir/Microsoft-Extractor-Suite’s past year of commit activity
    PowerShell 682 GPL-2.0 100 1 2 Updated Aug 11, 2025
  • ALFA Public

    ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework

    invictus-ir/ALFA’s past year of commit activity
    Python 165 MIT 25 0 0 Updated Mar 3, 2025
  • entra-apps Public

    List of Microsoft Apps in Entra ID

    invictus-ir/entra-apps’s past year of commit activity
    10 2 1 0 Updated Jan 3, 2025
  • Invictus-training Public

    Repository with supporting materials for Invictus Academy/Training

    invictus-ir/Invictus-training’s past year of commit activity
    Shell 43 5 0 0 Updated Jan 3, 2025
  • Blue-team-app-Office-365-and-Azure Public
    invictus-ir/Blue-team-app-Office-365-and-Azure’s past year of commit activity
    73 GPL-3.0 10 0 0 Updated Oct 21, 2024
  • Invictus-AWS Public

    A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of incident response.

    invictus-ir/Invictus-AWS’s past year of commit activity
    Python 192 MIT 16 0 1 Updated Oct 2, 2024
  • talks Public

    An overview of our talks at security conferences

    invictus-ir/talks’s past year of commit activity
    8 0 0 0 Updated May 21, 2024
  • aws-cheatsheet Public

    A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.

    invictus-ir/aws-cheatsheet’s past year of commit activity
    76 MIT 17 0 1 Updated May 8, 2024
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Most used topics

Loading…