Skip to content
@FalconForceTeam

FalconForce

Pinned

  1. FalconHound FalconHound Public

    FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

    Go 668 40

  2. FalconFriday FalconFriday Public

    Hunting queries and detections

    652 69

  3. BOF2shellcode BOF2shellcode Public

    POC tool to convert CobaltStrike BOF files to raw shellcode

    C 161 27

  4. KQLAnalyzer KQLAnalyzer Public

    REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

    C# 25 5

  5. FalconForge FalconForge Public

    This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 3…

    Python 13 7

  6. SOAPHound SOAPHound Public

    SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

    C# 557 57

Repositories

Showing 10 of 11 repositories
  • FalconFriday Public

    Hunting queries and detections

    652 BSD-3-Clause 69 1 0 Updated Apr 4, 2024
  • FalconHound Public

    FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.

    Go 668 BSD-3-Clause 40 0 0 Updated Mar 9, 2024
  • SOAPHound Public

    SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

    C# 557 GPL-3.0 57 4 2 Updated Feb 3, 2024
  • KQLAnalyzer Public

    REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

    C# 25 5 2 0 Updated Nov 28, 2023
  • AzureHoundAutoCollect Public

    Some plumbing to automate the collection of AzureHound

    Shell 2 0 0 0 Updated Jul 24, 2023
  • ParrotForce Public

    Azure playbook for automatic evidence collection

    6 4 0 0 Updated Jul 3, 2023
  • FalconForge Public

    This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 365 Defender products.

    Python 13 7 0 0 Updated Mar 10, 2023
  • SysWhispers2BOF Public

    Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs

    Python 117 17 0 1 Updated May 24, 2022
  • ADExplorerSnapshot.py Public Forked from c3c/ADExplorerSnapshot.py

    ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.

    Python 2 101 0 0 Updated Apr 6, 2022
  • Azure-Sentinel Public Forked from Azure/Azure-Sentinel

    Cloud-native SIEM for intelligent security analytics for your entire enterprise.

    Jupyter Notebook 7 MIT 2,839 0 0 Updated Mar 11, 2022
View all repositories

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Most used topics

Loading…