What is the pricing for Untitled Goose Tool?

Untitled Goose Tool is a free Security Operations tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/cisagov/untitledgoosetool/ for download and installation instructions.

What are alternatives to Untitled Goose Tool?

Popular alternatives to Untitled Goose Tool include: 1. MailXaminer Email Decryption - Decrypts S/MIME & OpenPGP emails from PST/OST/EDB for forensic analysis. (Commercial) 2. libesedb - A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes. (Free) 3. Cloud Forensics Utils - A forensics toolkit for collecting digital evidence from Google Cloud Platform, Microsoft Azure, and Amazon Web Services during incident response investigations. (Free) 4. AVML (Acquire Volatile Memory for Linux) - A portable Rust-based tool for acquiring volatile memory from Linux systems without requiring prior knowledge of the target OS distribution or kernel. (Free) 5. NotRuler - NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler. (Free) Compare these tools and more at https://cybersectools.com/categories/security-operations

Who should use Untitled Goose Tool?

Untitled Goose Tool is for security teams and organizations that need Azure, Microsoft 365. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Security Operations tools can be found at https://cybersectools.com/categories/security-operations

Untitled Goose Tool

A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.

Free952

Visit Website

Compare

Free952

Untitled Goose Tool

A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.

Visit Website

Data verified Apr 2026

Explore Security Operations 48 Alternatives Compare Stacks Market Map Explore All Tools

ADYour product here. Reach security decision-makers.Launch a campaign

Untitled Goose Tool Description

Security Operations/Digital Forensics and Incident Response

Azure Microsoft 365

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments. It gathers additional telemetry from Microsoft Defender for Endpoint (MDE) and Defender for Internet of Things (D4IoT). This tool assists incident response teams by exporting cloud artifacts after an incident for environments that aren't ingesting logs into a Security Information and Events Management (SIEM) or other long term solution for logs.

Untitled Goose Tool Description

Security Operations/Digital Forensics and Incident Response

Azure Microsoft 365

Untitled Goose Tool FAQ

Common questions about Untitled Goose Tool including features, pricing, alternatives, and user reviews.

Untitled Goose Tool is A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments. It is a Security Operations solution designed to help security teams with Azure, Microsoft 365.

Have more questions? Browse our categories or search for specific tools.