TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes collaboration through shared queries (pivots) and centralized tagged events.
☆23Aug 7, 2024Updated last year
Alternatives and similar repositories for tim-data-investigate-platform
Users that are interested in tim-data-investigate-platform are comparing it to the libraries listed below
Sorting:
- ☆21May 8, 2022Updated 3 years ago
- A not so awesome list of adversary emulation gems for aspiring red/blue/purple teamers☆16Jul 19, 2022Updated 3 years ago
- Work in Progress repo☆15Apr 18, 2019Updated 6 years ago
- Parse Microsoft shim databases☆32Jan 8, 2025Updated last year
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- ☆51Nov 25, 2025Updated 3 months ago
- LILO based Pulse Secure appliance disk image decryptor☆13Mar 20, 2024Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Jun 5, 2023Updated 2 years ago
- Microsoft Defender for Endpoint PowerShell module☆12Dec 28, 2023Updated 2 years ago
- yaa - yaml search for humans☆12Dec 8, 2025Updated 2 months ago
- A modified fork of Be.HexEditor for use in debug tools☆15Jan 5, 2022Updated 4 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- A catalog of services that can be publicly exposed within different cloud providers.☆14Aug 30, 2024Updated last year
- Small visualizator for PE files☆70Sep 20, 2023Updated 2 years ago
- Azure AD (Entra ID) enumeration tool. Find related domains and tenant information in a simple way.☆35Oct 4, 2024Updated last year
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".☆14Jul 12, 2021Updated 4 years ago
- ☆18Mar 26, 2025Updated 11 months ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆51Sep 22, 2025Updated 5 months ago
- Living off the False Positive!☆41Jan 31, 2025Updated last year
- ☆48Feb 14, 2026Updated 2 weeks ago
- IR drill plateform☆23Jul 29, 2025Updated 7 months ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 11 years ago
- Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)☆41Nov 7, 2023Updated 2 years ago
- Get USB Devices from Registry hives☆22Nov 15, 2021Updated 4 years ago
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…☆18Feb 16, 2025Updated last year
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆40Oct 30, 2024Updated last year
- ☆20Jan 10, 2025Updated last year
- MS Entra ID Protection Guidance☆22Apr 2, 2024Updated last year
- ☆22Jan 31, 2023Updated 3 years ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more☆30Nov 26, 2025Updated 3 months ago
- A collection of CVEs weaponized by ransomware operators☆130Oct 13, 2025Updated 4 months ago
- Library of threat hunts to get any user started!☆49Sep 4, 2020Updated 5 years ago
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆37Jul 23, 2025Updated 7 months ago
- Cleo Unrestricted file upload and download PoC (CVE-2024-50623)☆25Dec 11, 2024Updated last year
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆22Jan 5, 2025Updated last year
- Library to process OLE compound file format. This is a work in progress and was initially written for jumplist parsing (for which it does…☆19Feb 2, 2025Updated last year
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!☆21Aug 23, 2024Updated last year
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 6 years ago