M
detecting-email-account-compromise
by mukul975
detecting-email-account-compromise helps incident responders and SOC analysts investigate Microsoft 365 and Google Workspace mailbox takeover by checking suspicious sign-ins, inbox rule abuse, external forwarding, OAuth grants, and Graph/audit-log activity. Use it as a practical detecting-email-account-compromise guide for fast triage.
Incident Response
Favorites 0GitHub 0