From 51ec7f82f7e784a2d6055cd733b39adf7a393ca9 Mon Sep 17 00:00:00 2001
From: pe3zx <pe3zx@users.noreply.github.com>
Date: Thu, 23 Jun 2022 20:05:21 +0700
Subject: [PATCH] Add: invictus-ir/Microsoft-365-Extractor-Suite to DFIR
 section

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 5b4b3a3..26fa89b 100644
--- a/README.md
+++ b/README.md
@@ -1697,6 +1697,10 @@ This repository is created as an online bookmark for useful links, resources and
         <td><a href="https://github.com/intezer/linux-explorer">intezer/linux-explorer</a></td>
         <td>Easy-to-use live forensics toolbox for Linux endpoints</td>
     </tr>
+    <tr>
+        <td><a href="https://github.com/invictus-ir/Microsoft-365-Extractor-Suite">invictus-ir/Microsoft-365-Extractor-Suite</a></td>
+        <td>A set of PowerShell scripts that allow for complete and reliable acquisition of the Microsoft 365 Unified Audit Log</td>
+    </tr>
    <tr>
         <td><a href="https://github.com/Invoke-IR/ACE">Invoke-IR/ACE</a></td>
         <td>The Automated Collection and Enrichment (ACE) platform is a suite of tools for threat hunters to collect data from many endpoints in a network and automatically enrich the data. The data is collected by running scripts on each computer without installing any software on the target. ACE supports collecting from Windows, macOS, and Linux hosts.</td>