A collection of searches, interesting events and tables on Crowdstrike Splunk.
☆30, Mar 2, 2021, updated 5 years ago
Alternatives and similar repositories for falcon-crowdstrike
Users that are interested in falcon-crowdstrike are comparing it to the libraries listed below
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation (☆23, Dec 18, 2024, updated last year)
- Miscellaneous examples for use with Cobalt Strike Beacon (☆10, Nov 19, 2020, updated 5 years ago)
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data (☆13, Jul 16, 2019, updated 6 years ago)
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines. (☆43, Nov 27, 2022, updated 3 years ago)
- Citrix Phishlet (☆24, Feb 2, 2021, updated 5 years ago)
- (no description) (☆29, Aug 12, 2021, updated 4 years ago)
- Ansible role to deploy RedELK server (☆19, Sep 11, 2023, updated 2 years ago)
- Simple Windows Event Log Forwarder (SWELF). It's an easy to use, simply works Log Forwarder and EVTX Parser. Almost in full release here at ht… (☆24, Jun 20, 2023, updated 2 years ago)
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon (☆215, May 23, 2020, updated 5 years ago)
- A Couple of Python Scripts Leveraging MS365's GraphAPI to Send Custom Calendar Events / Emails from Cheap O365 Accounts (☆18, Apr 19, 2024, updated last year)
- just manipulatin these here tokens yes sir nothing weird (☆22, Apr 18, 2022, updated 3 years ago)
- CeramicSkate0 Sysmon configuration fork file template with default high-quality event tracing (☆10, Sep 29, 2023, updated 2 years ago)
- A utility to force query DNS over DoH off of CloudFlare API when DNS block is in place (☆10, Aug 26, 2018, updated 7 years ago)
- Queries for parsed spotlight database in sqlite (☆13, Dec 29, 2020, updated 5 years ago)
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. (☆12, Aug 26, 2024, updated last year)
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel (☆16, Feb 11, 2026, updated 2 weeks ago)
- My attempts at making life with VMware that little bit easier. (☆11, Aug 7, 2023, updated 2 years ago)
- Monitor the textual data pasted into Windows clipboard (☆29, Nov 4, 2018, updated 7 years ago)
- (no description) (☆25, Feb 9, 2022, updated 4 years ago)
- Real-time Response scripts and schema (☆122, Oct 23, 2025, updated 4 months ago)
- (no description) (☆84, Mar 1, 2024, updated 2 years ago)
- NTFS Security Descriptor Stream ($Secure:$SDS) parser (☆14, Jan 9, 2023, updated 3 years ago)
- (no description) (☆12, Nov 3, 2020, updated 5 years ago)
- Random scripts for azure stuff (☆14, Oct 12, 2022, updated 3 years ago)
- A Beacon Object File (BOF) implementation of the 'cat' command (☆26, Feb 11, 2023, updated 3 years ago)
- (no description) (☆86, Nov 18, 2022, updated 3 years ago)
- (no description) (☆172, Feb 19, 2026, updated last week)
- (no description) (☆19, Mar 9, 2021, updated 4 years ago)
- misc scripts/utils that I've written that aren't deserving of their own repos. (☆14, Aug 18, 2021, updated 4 years ago)
- A BOF port of the research of @thefLinkk and @codewhitesec (☆100, Oct 12, 2021, updated 4 years ago)
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. (☆36, Jul 11, 2023, updated 2 years ago)
- (no description) (☆14, Jan 2, 2025, updated last year)
- Set of utilities for getting information about Windows Events (☆15, Jun 5, 2018, updated 7 years ago)
- Enumerate and check domains for Azure tenants (☆59, Feb 1, 2022, updated 4 years ago)
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser (☆44, Feb 21, 2026, updated last week)
- A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use it to find files to clean up (☆38, Sep 14, 2023, updated 2 years ago)
- Create a cool process tree like https://twitter.com/ACEResponder. (☆35, Mar 1, 2023, updated 3 years ago)
- macOS Artifact Intelligence Tool (☆13, Apr 30, 2019, updated 6 years ago)
- Just Another broken Registry Parser (JARP) (☆16, May 23, 2024, updated last year)