microsoft / tim-data-investigate-platformLinks
TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes collaboration through shared queries (pivots) and centralized tagged events.
☆23Updated 11 months ago
Alternatives and similar repositories for tim-data-investigate-platform
Users that are interested in tim-data-investigate-platform are comparing it to the libraries listed below
Sorting:
- Velociraptor Server hosted in Azure App Service☆55Updated last month
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆85Updated 5 months ago
- A preconfigured Velociraptor triage collector☆52Updated last week
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆21Updated 6 months ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆39Updated last month
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆94Updated 11 months ago
- ☆99Updated last week
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆107Updated 7 months ago
- ☆22Updated 2 years ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated last year
- Hunting Queries for Defender ATP☆82Updated 3 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆97Updated 8 months ago
- A repository to share publicly available Velociraptor detection content☆184Updated last week
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆27Updated 7 months ago
- Azure function to insert MISP data in to Azure Sentinel☆32Updated 2 years ago
- ☆61Updated 2 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆55Updated 4 months ago
- A list of RMMs designed to be used in automation to build alerts☆111Updated 3 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999☆41Updated this week
- A pySigma wrapper to manage detection rules.☆40Updated last week
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆79Updated 2 months ago
- Menu for Thor scanner lite☆17Updated 2 weeks ago
- USN Journal full path builder☆60Updated 10 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆51Updated 8 months ago
- Full of public notes and Utilities☆117Updated 5 months ago
- Parses USB connection artifacts from offline Registry hives☆99Updated last month
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- Remote access and Antivirus Logging Database☆42Updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆76Updated last week
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆24Updated 2 weeks ago