CrowdStrike / Falcon-Toolkit
Unleash the power of the Falcon Platform at the CLI
☆109 · Updated this week
Related projects:
- Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK · ☆34 · Updated this week
- Real-time Response scripts and schema · ☆100 · Updated 9 months ago
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines. · ☆41 · Updated last year
- Repository of SentinelOne Deep Visibility queries. · ☆116 · Updated 3 years ago
- This repository contains Community and Field contributed content for LogScale · ☆137 · Updated last week
- Web based S1 query navigator for one-click threat hunting · ☆18 · Updated 3 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon · ☆184 · Updated 4 years ago
- SentinelOne STAR Rules · ☆45 · Updated 10 months ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid… · ☆36 · Updated 2 years ago
- Collection of useful Canary tools · ☆67 · Updated last week
- InsightVM helpful SQL queries · ☆57 · Updated 3 months ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE · ☆96 · Updated 5 months ago
- A tool that allows you to document and assess any security automation in your SOC · ☆40 · Updated 4 months ago
- Conference presentations · ☆45 · Updated 11 months ago
- Notes on responding to security breaches relating to Azure AD · ☆91 · Updated 2 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… · ☆142 · Updated 7 months ago
- A collection of various SIEM rules relating to malware family groups. · ☆60 · Updated 3 months ago
- MDE relies on some of the Audit settings to be enabled · ☆94 · Updated 2 years ago
- PowerShell scripts to work on CrowdStrike Falcon that pull back raw data relevant to forensic investigation · ☆21 · Updated last month
- Audit Inspector is a tool for configuring and auditing Windows auditing. · ☆21 · Updated last month