Skip to content
@FalconForceTeam

FalconForce

Pinned Loading

  1. FalconHound FalconHound Public

    FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

    Go 743 49

  2. FalconFriday FalconFriday Public

    Hunting queries and detections

    735 83

  3. BOF2shellcode BOF2shellcode Public

    POC tool to convert CobaltStrike BOF files to raw shellcode

    C 175 27

  4. KQLAnalyzer KQLAnalyzer Public

    REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

    C# 31 6

  5. FalconForge FalconForge Public

    This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 3…

    Python 15 8

  6. SOAPHound SOAPHound Public

    SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

    C# 692 70

Repositories

Showing 10 of 12 repositories
  • FalconHound Public

    FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.

    FalconForceTeam/FalconHound’s past year of commit activity
    Go 743 BSD-3-Clause 49 1 1 Updated Nov 28, 2024
  • KQLAnalyzer Public

    REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

    FalconForceTeam/KQLAnalyzer’s past year of commit activity
    C# 31 6 0 0 Updated Nov 25, 2024
  • FalconFriday Public

    Hunting queries and detections

    FalconForceTeam/FalconFriday’s past year of commit activity
    735 BSD-3-Clause 83 1 0 Updated Sep 10, 2024
  • reply-url-brute Public

    Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure

    FalconForceTeam/reply-url-brute’s past year of commit activity
    Python 10 BSD-3-Clause 0 0 0 Updated Jul 23, 2024
  • SOAPHound Public

    SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

    FalconForceTeam/SOAPHound’s past year of commit activity
    C# 692 GPL-3.0 70 4 1 Updated Feb 3, 2024
  • AzureHoundAutoCollect Public

    Some plumbing to automate the collection of AzureHound

    FalconForceTeam/AzureHoundAutoCollect’s past year of commit activity
    Shell 3 0 0 0 Updated Jul 24, 2023
  • ParrotForce Public

    Azure playbook for automatic evidence collection

    FalconForceTeam/ParrotForce’s past year of commit activity
    7 4 0 0 Updated Jul 3, 2023
  • FalconForge Public

    This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 365 Defender products.

    FalconForceTeam/FalconForge’s past year of commit activity
    Python 15 8 0 0 Updated Mar 10, 2023
  • SysWhispers2BOF Public

    Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs

    FalconForceTeam/SysWhispers2BOF’s past year of commit activity
    Python 117 17 0 1 Updated May 24, 2022
  • ADExplorerSnapshot.py Public Forked from c3c/ADExplorerSnapshot.py

    ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.

    FalconForceTeam/ADExplorerSnapshot.py’s past year of commit activity
    Python 2 125 0 0 Updated Apr 6, 2022

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Most used topics

Loading…