CrowdStrike / gofalconLinks
Golang-based SDK to CrowdStrike's APIs
☆66Updated last week
Alternatives and similar repositories for gofalcon
Users that are interested in gofalcon are comparing it to the libraries listed below
Sorting:
- ☆44Updated 2 months ago
- enpoint detection / live analysis & sandbox host / signatures quality test☆44Updated 4 years ago
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆112Updated 8 months ago
- A tool that allows you to document and assess any security automation in your SOC☆46Updated 7 months ago
- pocket guide for core detection engineering concepts☆28Updated 2 years ago
- Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK☆38Updated this week
- Adversary emulation for EDR/SIEM testing (macOS/Linux)☆43Updated last year
- Unleash the power of the Falcon Platform at the CLI☆119Updated 2 weeks ago
- A Go implementation and parser for Sigma rules.☆89Updated 2 weeks ago
- Automated testing, generation & manipulation of #osquery packs☆72Updated 7 months ago
- ☆113Updated last week
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆75Updated last month
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆29Updated last year
- A python script to acquire multiple aws ec2 instances in a forensically sound-ish way☆38Updated 3 years ago
- MDE relies on some of the Audit settings to be enabled☆98Updated 2 years ago
- ☆46Updated last year
- Cisco Orbital - Osquery queries by Talos☆131Updated 9 months ago
- Threat Hunting & Incident Investigation with Osquery☆208Updated 3 years ago
- ☆58Updated 3 years ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆81Updated last week
- OSSEM Data Dictionaries☆60Updated 4 months ago
- Lightweight Python-Based Malware Analysis Pipeline☆34Updated 2 weeks ago
- ShellSweeping the evil.☆52Updated 11 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆88Updated last year
- A Golang library for interacting with the EPSS (Exploit Prediction Scoring System).☆28Updated 3 months ago
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l…☆21Updated 9 months ago
- ☆34Updated last year
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆91Updated 3 years ago