FalconForceTeam/FalconForge external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

FalconForceTeam/FalconForge

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/FalconForceTeam/FalconForge)

Close

FalconForceTeam / FalconForgeView on GitHubMore

• External links
• Readme badge

This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 365 Defender products.

☆17Mar 10, 2023Updated 3 years ago

Alternatives and similar repositories for FalconForge

Users that are interested in FalconForge are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• FalconForceTeam / KQLAnalyzer

  View on GitHub
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆51Sep 22, 2025Updated 7 months ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• microsoft / AzDetectSuite

  View on GitHub
  A collection of ARM-based detections for Azure/AzureAD based TTPs
  ☆91Dec 12, 2023Updated 2 years ago
• int0x80 / tcispy

  View on GitHub
  Pull author and committer names and emails from Travis-CI
  ☆11Aug 9, 2020Updated 5 years ago
• Azure / MDEASM-Solutions

  View on GitHub
  Solutions developed by the MDEASM Customer Experience Engineering (CxE) Go-To Production (GTP) team for Azure MDEASM
  ☆29Feb 3, 2025Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• piraija / import-custom-bloodhound-queries

  View on GitHub
  Import custom queries into BloodHound CE from a legacy BloodHound JSON file.
  ☆10Mar 22, 2024Updated 2 years ago
• CiscoCXSecurity / Detection-Engineering-Framework

  View on GitHub
  ☆96Jan 7, 2026Updated 3 months ago
• Intellisec-Solutions / Microsoft-Sentinel-SIGMA-Rules-Workbook

  View on GitHub
  ☆12Jul 15, 2022Updated 3 years ago
• EuroLeaps / scc-connectors

  View on GitHub
  Google Cloud Security Command Center to Azure Sentinel Connector
  ☆18Jul 15, 2023Updated 2 years ago
• threat-punter / detection-as-code-example

  View on GitHub
  A POC to implement Detection-as-Code with Terraform and Sumo Logic.
  ☆31Jul 27, 2023Updated 2 years ago
• cventour / PoSH

  View on GitHub
  Random Powershell scripts
  ☆13Feb 13, 2024Updated 2 years ago
• SecureHats / validate-detections

  View on GitHub
  GitHub action for validating Microsoft Sentinel detection rules
  ☆14May 22, 2023Updated 2 years ago
• ml58158 / AzureOpenAI-Playbook

  View on GitHub
  Azure OpenAI Playbook created for Microsoft Sentinel
  ☆13May 2, 2024Updated last year
• Atea-Redteam / CVE-2023-20198

  View on GitHub
  CVE-2023-20198 Checkscript
  ☆20Oct 23, 2023Updated 2 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• jsa2 / kql

  View on GitHub
  KQL for Azure Resource Manager and AppID search
  ☆23Aug 15, 2024Updated last year
• themittenmac / threat-hunting-macos-book

  View on GitHub
  A companion Github repo for the book - Threat Hunting macOS by Jaron Bradley
  ☆20Jul 26, 2025Updated 9 months ago
• kumarvna / terraform-azurerm-firewall

  View on GitHub
  Terraform Module to create fully stateful Azure firewall as a service with built-in high availability.
  ☆14Oct 29, 2022Updated 3 years ago
• Sebmolendijk / mcas-labs

  View on GitHub
  Microsoft Cloud App Security labs
  ☆14Dec 17, 2018Updated 7 years ago
• siriussecurity / dettectinator

  View on GitHub
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆117Jan 22, 2026Updated 3 months ago
• msdirtbag / azurevelo

  View on GitHub
  Velociraptor Server hosted in Azure App Service
  ☆58Jun 4, 2025Updated 10 months ago
• OTRF / OSSEM-CDM

  View on GitHub
  OSSEM Common Data Model
  ☆56Sep 20, 2022Updated 3 years ago
• Yamato-Security / suzaku-rules

  View on GitHub
  ☆11Dec 9, 2025Updated 4 months ago
• redcanaryco / ansible-atomic-red-team

  View on GitHub
  This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
  ☆27Jul 4, 2024Updated last year
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• ep3p / Sentinel_KQL

  View on GitHub
  In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…
  ☆139Updated this week
• gajus / semantic-url-parser

  View on GitHub
  Extracts content information from known URL patterns.
  ☆19Feb 4, 2026Updated 2 months ago
• olafhartong / WDACme

  View on GitHub
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆30Jun 18, 2025Updated 10 months ago
• eshlomo1 / Azure-AD-Incident-Response

  View on GitHub
  Azure AD Incident Response
  ☆28Oct 8, 2021Updated 4 years ago
• pezhore / hashiconf-demo

  View on GitHub
  ☆11Oct 13, 2020Updated 5 years ago
• ACE-Responder / ace-proctree

  View on GitHub
  Create a cool process tree like https://twitter.com/ACEResponder.
  ☆35Mar 1, 2023Updated 3 years ago
• mercedes-benz / ansible-for-splunk-cloud

  View on GitHub
  Ansible playbooks for configuring and managing Splunk Cloud deployments with the Admin Config Service (ACS) API
  ☆29Apr 22, 2026Updated last week
• center-for-threat-informed-defense / summiting-the-pyramid

  View on GitHub
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆58Mar 2, 2026Updated last month
• JustinGrote / MicrosoftMvp

  View on GitHub
  PowerShell Module for Submitting MVP Activities
  ☆23Feb 22, 2026Updated 2 months ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• NateHutch365 / MDEValidator

  View on GitHub
  ☆42Apr 16, 2026Updated 2 weeks ago
• Cyb3r-Monk / ACCD

  View on GitHub
  Active C&C Detector
  ☆156Oct 5, 2023Updated 2 years ago
• AI-redteam / sherl0ck

  View on GitHub
  Search an entire directory of .eml email files for a word or phrase... in over 100 languages.
  ☆12Feb 28, 2023Updated 3 years ago
• blockadeio / cloud_node

  View on GitHub
  Python-based cloud node for local use
  ☆11Mar 7, 2018Updated 8 years ago
• mvelazc0 / attack2jira

  View on GitHub
  attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
  ☆115Mar 26, 2023Updated 3 years ago
• bitnesswise / shodan-postman-collection

  View on GitHub
  Postman collection to interact with the Shodan API
  ☆24Nov 8, 2023Updated 2 years ago
• ncerny / docker-idrac

  View on GitHub
  iDRAC 5 and 6 web interface and VNC proxy
  ☆10Aug 24, 2019Updated 6 years ago