CrowdStrike / caracara
Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK
☆34 · Updated this week
Related projects:
- Unleash the power of the Falcon Platform at the CLI ☆109 · Updated this week
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines. ☆41 · Updated last year
- ☆93 · Updated this week
- ☆68 · Updated last year
- A tool that allows you to document and assess any security automation in your SOC ☆40 · Updated 4 months ago
- ☆50 · Updated last year
- ☆83 · Updated 2 years ago
- Notes on responding to security breaches relating to Azure AD ☆91 · Updated 2 years ago
- ☆26 · Updated 3 years ago
- MDE relies on some of the Audit settings to be enabled ☆94 · Updated 2 years ago
- ☆79 · Updated 2 months ago
- ☆40 · Updated last year
- Synthetic Adversarial Log Objects: A Framework for synthetic log generation ☆76 · Updated 8 months ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… ☆35 · Updated 3 years ago
- A repository to share publicly available Velociraptor detection content ☆115 · Updated this week
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆75 · Updated 4 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs ☆50 · Updated last year
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation ☆24 · Updated 4 months ago
- SentinelOne STAR Rules ☆45 · Updated 10 months ago
- Repository of SentinelOne Deep Visibility queries. ☆116 · Updated 3 years ago
- Public script from SANS FOR509 Enterprise Cloud Incident Response ☆170 · Updated last week
- Conference presentations ☆45 · Updated 11 months ago
- Full of public notes and Utilities ☆81 · Updated 3 weeks ago
- Web based S1 query navigator for one-click threat hunting ☆18 · Updated 3 years ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques ☆120 · Updated 6 months ago
- Real-time Response scripts and schema ☆100 · Updated 9 months ago
- A collection of various SIEM rules relating to malware family groups. ☆60 · Updated 3 months ago
- ☆84 · Updated 4 months ago
- ☆72 · Updated last month
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid… ☆36 · Updated 2 years ago