Open Source Cloud Security Tool.

Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more.

• Prowler @ GitHub.

Related contents:

• How to Complete Infrastructure Code Reviews Like a PRO @ microtica.

Expose the contents of .docx files without leaving your terminal. Fast, safe, and smart — no Office required!

A fast, terminal-native document viewer for Word files. View, search, and export .docx documents without leaving your command line.

Related contents:

• Doxx - Pour lire vos fichiers Word depuis le terminal @ Korben :fr:.

Secure, Open-source Email Archiving for Data Sovereignty. Your Secure, Sovereign Email Archive.

Open Archiver is a self-hosted, open-source platform for archiving, searching, and managing your emails. Take control of your digital communication history, free from vendor lock-in.

• Open Archiver @ GitHub.

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

AADInternals is PowerShell module for administering Azure AD and Office 365.

• AADInternals @ GitHub.
• AADInternals documentation.

Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews without the significant overhead of learning tool APIs or complex admin panels from the start.

• Monkey365 @ GitHub.
• ⚙Monkey365 - Open Source security tool @ Lauren M.'s LinkedIn :fr:

The Open-Source Tool Democratizing Multi-Cloud Security Testing by Arpan Sarkar.

Multi-Cloud Security Testing Tool to execute a comprehensive array of attack techniques across multiple surfaces via a simple web interface.

Halberd is a powerful, multi-cloud security testing tool. Born out of the need for a unified, easy-to-use tool, Halberd enables you to proactively assess your cloud defenses by executing a comprehensive array of attack techniques across Entra ID, M365, Azure, and AWS. With its intuitive web interface, you can simulate real-world attacks, generate valuable telemetry, and validate your security controls with ease & speed.

• Halberd @ GitHub.

Best Email Signature Manager for Outlook & Office 365.

Design and deploy on-brand email signatures for your whole team. Connect with your audience in a way that's on-brand and personal, while driving quality lead generation.

Your Microsoft Security test automation framework!

Monitor your Microsoft 365 tenant's security configuration using Maester!

Maester is an open source PowerShell-based test automation framework designed to help you monitor and maintain the security configuration of your Microsoft 365 environment.

• Maester @ GitHub.
• Maester, l’outil pour automatiser vos tests de sécurité Microsoft 365 @ IT Connect :fr:.

Run Windows applications (including Microsoft 365 and Adobe Creative Cloud) on GNU/Linux with KDE, GNOME or XFCE, integrated seamlessly as if they were native to the OS.

Related contents:

• Episode 624: Tiny PC, Huge Problems @ Linux Unplugged.
• Episode 573 - Universal Blue Man Group @ Linux Unplugged.
• WinApps - Faites tourner Office sur Linux comme si c'était du natif @ Korben :fr:.

AdminDroid Microsoft 365 auditing tool come up with immense reports on all the Microsoft 365 audit activities in the audit log search. Providing in-depth details on user sign-in activities is a head start for admins to analyze the users' sign-in data. With this Azure AD auditing tool, admins can monitor user logins, user activities, group activities, application activities, etc. Jazz up your Microsoft 365 Azure auditing without playing hard with PowerShell cmdlet like 'Search-UnifiedAuditLog'.

Secure infrastructure in minutes. Hardening Active Directory and Office 365.

• Harden @ GitHub.
• Hardening AD : Sécuriser vos infrastructures avec HardenAD @ Hamza Kondah's LinkedIn :fr:.
• bonnes pratiques en termes de configurations et durcissements autour de l'Active Directory @ Laurent M.'s LinkedIn :fr:.

An attack tool for simple, fast & effective security testing of M365 & Azure AD.

MAAD-AF is designed to make cloud security testing simple, fast and effective. Through its virtually no-setup requirement and easy to use interactive attack modules, security teams can test their security controls, detection and response capabilities easily and swiftly.

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments. Untitled Goose Tool gathers additional telemetry from Microsoft Defender for Endpoint (MDE) and Defender for Internet of Things (IoT) (D4IoT).

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts.