FalconForceTeam/FalconForge external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

FalconForceTeam/FalconForge

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/FalconForceTeam/FalconForge)

Close

FalconForceTeam / FalconForgeView on GitHubMore

• External links
• Readme badge

This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 365 Defender products.

☆17Mar 10, 2023Updated 3 years ago

Alternatives and similar repositories for FalconForge

Users that are interested in FalconForge are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• FalconForceTeam / KQLAnalyzer

  View on GitHub
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆54May 11, 2026Updated 3 weeks ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• microsoft / AzDetectSuite

  View on GitHub
  A collection of ARM-based detections for Azure/AzureAD based TTPs
  ☆92Dec 12, 2023Updated 2 years ago
• int0x80 / tcispy

  View on GitHub
  Pull author and committer names and emails from Travis-CI
  ☆11Aug 9, 2020Updated 5 years ago
• piraija / import-custom-bloodhound-queries

  View on GitHub
  Import custom queries into BloodHound CE from a legacy BloodHound JSON file.
  ☆10Mar 22, 2024Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• CiscoCXSecurity / Detection-Engineering-Framework

  View on GitHub
  ☆97Jan 7, 2026Updated 5 months ago
• Intellisec-Solutions / Microsoft-Sentinel-SIGMA-Rules-Workbook

  View on GitHub
  ☆12Jul 15, 2022Updated 3 years ago
• threat-punter / detection-as-code-example

  View on GitHub
  A POC to implement Detection-as-Code with Terraform and Sumo Logic.
  ☆32Jul 27, 2023Updated 2 years ago
• cventour / PoSH

  View on GitHub
  Random Powershell scripts
  ☆13Feb 13, 2024Updated 2 years ago
• SecureHats / validate-detections

  View on GitHub
  GitHub action for validating Microsoft Sentinel detection rules
  ☆14May 22, 2023Updated 3 years ago
• themittenmac / threat-hunting-macos-book

  View on GitHub
  A companion Github repo for the book - Threat Hunting macOS by Jaron Bradley
  ☆21Jul 26, 2025Updated 10 months ago
• kumarvna / terraform-azurerm-firewall

  View on GitHub
  Terraform Module to create fully stateful Azure firewall as a service with built-in high availability.
  ☆14Oct 29, 2022Updated 3 years ago
• Sebmolendijk / mcas-labs

  View on GitHub
  Microsoft Cloud App Security labs
  ☆14Dec 17, 2018Updated 7 years ago
• siriussecurity / dettectinator

  View on GitHub
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆117Jan 22, 2026Updated 4 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• msdirtbag / azurevelo

  View on GitHub
  Velociraptor Server hosted in Azure App Service
  ☆59Jun 4, 2025Updated last year
• OTRF / OSSEM-CDM

  View on GitHub
  OSSEM Common Data Model
  ☆56Sep 20, 2022Updated 3 years ago
• redcanaryco / ansible-atomic-red-team

  View on GitHub
  This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
  ☆28Jul 4, 2024Updated last year
• Yamato-Security / suzaku-rules

  View on GitHub
  ☆14Jun 1, 2026Updated last week
• ep3p / Sentinel_KQL

  View on GitHub
  In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…
  ☆139Jun 2, 2026Updated last week
• gajus / semantic-url-parser

  View on GitHub
  Extracts content information from known URL patterns.
  ☆19Feb 4, 2026Updated 4 months ago
• olafhartong / WDACme

  View on GitHub
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆30Jun 18, 2025Updated 11 months ago
• eshlomo1 / Azure-AD-Incident-Response

  View on GitHub
  Azure AD Incident Response
  ☆28Oct 8, 2021Updated 4 years ago
• pezhore / hashiconf-demo

  View on GitHub
  ☆11Oct 13, 2020Updated 5 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• ACE-Responder / ace-proctree

  View on GitHub
  Create a cool process tree like https://twitter.com/ACEResponder.
  ☆35Mar 1, 2023Updated 3 years ago
• center-for-threat-informed-defense / summiting-the-pyramid

  View on GitHub
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆61Mar 2, 2026Updated 3 months ago
• JustinGrote / MicrosoftMvp

  View on GitHub
  PowerShell Module for Submitting MVP Activities
  ☆23Feb 22, 2026Updated 3 months ago
• NateHutch365 / MDEValidator

  View on GitHub
  ☆43May 17, 2026Updated 3 weeks ago
• Cyb3r-Monk / ACCD

  View on GitHub
  Active C&C Detector
  ☆156Oct 5, 2023Updated 2 years ago
• infosecB / detection-as-code

  View on GitHub
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆61Mar 12, 2022Updated 4 years ago
• AI-redteam / sherl0ck

  View on GitHub
  Search an entire directory of .eml email files for a word or phrase... in over 100 languages.
  ☆12Feb 28, 2023Updated 3 years ago
• blockadeio / cloud_node

  View on GitHub
  Python-based cloud node for local use
  ☆11Mar 7, 2018Updated 8 years ago
• mvelazc0 / attack2jira

  View on GitHub
  attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
  ☆115Mar 26, 2023Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• ncerny / docker-idrac

  View on GitHub
  iDRAC 5 and 6 web interface and VNC proxy
  ☆10Aug 24, 2019Updated 6 years ago
• slyd0g / SwiftLiverpool

  View on GitHub
  Enumerate Location Services using CoreLocation API on macOS
  ☆19Dec 2, 2021Updated 4 years ago
• gf13579 / splunk_app_for_easm

  View on GitHub
  ☆10Sep 12, 2024Updated last year
• pwnedlabs / pwncloudos

  View on GitHub
  PWNCLOUDOS
  ☆48Apr 10, 2026Updated 2 months ago
• Logisek / AfterShell

  View on GitHub
  Fast Windows post-exploitation wins after initial access.
  ☆29Jan 28, 2026Updated 4 months ago
• cybersheepdog / Threat-Hunting-Metrics

  View on GitHub
  Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes…
  ☆13Dec 7, 2022Updated 3 years ago
• secureworks / primary-refresh-token-viewer

  View on GitHub
  ☆12Oct 24, 2022Updated 3 years ago