Pinned
Repositories
- FalconHound Public
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.
- KQLAnalyzer Public
REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
- FalconForge Public
This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 365 Defender products.
- ADExplorerSnapshot.py Public Forked from c3c/ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
- Azure-Sentinel Public Forked from Azure/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.