A free, open-source forensics PowerShell module for conducting incident response and threat hunting of Microsoft Cloud environments. Hawk streamlines the collection of forensic data from Microsoft 365 and Entra ID environments to help security professionals, incident responders, and administrators quickly gather critical log data and id... More info

Log user log on and off activity to a txt file and optionally to Teams. Run with -help or no arguments for usage.

Real-time Windows Event Log monitoring and alerting module for PowerShell. EventMonitor.Windows enables security monitoring, automation, observability pipelines, SIEM integration, telemetry, and AI agent orchestration using EventLogWatcher for instant OS-level event delivery. Monitors 40+ event IDs across 17 groups: logon/logoff, failed authen... More info