{"payload":{"pageCount":1,"repositories":[{"type":"Public","name":"FalconFriday","owner":"FalconForceTeam","isFork":false,"description":"Hunting queries and detections","allTopics":["sentinel","hunting","blueteam","purpleteam","kql","defender-atp","defender-for-endpoint"],"primaryLanguage":null,"pullRequestCount":0,"issueCount":1,"starsCount":690,"forksCount":78,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-28T13:26:15.356Z"}},{"type":"Public","name":"FalconHound","owner":"FalconForceTeam","isFork":false,"description":"FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. ","allTopics":[],"primaryLanguage":{"name":"Go","color":"#00ADD8"},"pullRequestCount":0,"issueCount":0,"starsCount":715,"forksCount":45,"license":"BSD 3-Clause \"New\" or \"Revised\" License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-06-11T04:34:20.490Z"}},{"type":"Public","name":"KQLAnalyzer","owner":"FalconForceTeam","isFork":false,"description":"REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.","allTopics":[],"primaryLanguage":{"name":"C#","color":"#178600"},"pullRequestCount":1,"issueCount":2,"starsCount":26,"forksCount":6,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-05-09T09:02:44.193Z"}},{"type":"Public","name":"SOAPHound","owner":"FalconForceTeam","isFork":false,"description":"SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.","allTopics":[],"primaryLanguage":{"name":"C#","color":"#178600"},"pullRequestCount":2,"issueCount":4,"starsCount":593,"forksCount":65,"license":"GNU General Public License v3.0","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2024-02-03T08:52:49.386Z"}},{"type":"Public","name":"AzureHoundAutoCollect","owner":"FalconForceTeam","isFork":false,"description":"Some plumbing to automate the collection of AzureHound","allTopics":[],"primaryLanguage":{"name":"Shell","color":"#89e051"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":0,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-07-24T11:32:55.996Z"}},{"type":"Public","name":"ParrotForce","owner":"FalconForceTeam","isFork":false,"description":"Azure playbook for automatic evidence collection","allTopics":["automation","azure","response"],"primaryLanguage":null,"pullRequestCount":0,"issueCount":0,"starsCount":6,"forksCount":4,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-07-03T14:43:13.571Z"}},{"type":"Public","name":"FalconForge","owner":"FalconForceTeam","isFork":false,"description":"This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 365 Defender products.","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":14,"forksCount":8,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2023-03-10T09:34:54.225Z"}},{"type":"Public","name":"SysWhispers2BOF","owner":"FalconForceTeam","isFork":false,"description":"Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":1,"issueCount":0,"starsCount":117,"forksCount":17,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-05-24T11:19:59.311Z"}},{"type":"Public","name":"ADExplorerSnapshot.py","owner":"FalconForceTeam","isFork":true,"description":"ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.","allTopics":[],"primaryLanguage":{"name":"Python","color":"#3572A5"},"pullRequestCount":0,"issueCount":0,"starsCount":2,"forksCount":108,"license":null,"participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-04-06T12:32:14.229Z"}},{"type":"Public","name":"Azure-Sentinel","owner":"FalconForceTeam","isFork":true,"description":"Cloud-native SIEM for intelligent security analytics for your entire enterprise.","allTopics":[],"primaryLanguage":{"name":"Jupyter Notebook","color":"#DA5B0B"},"pullRequestCount":0,"issueCount":0,"starsCount":7,"forksCount":2900,"license":"MIT License","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2022-03-11T09:24:29.717Z"}},{"type":"Public","name":"BOF2shellcode","owner":"FalconForceTeam","isFork":false,"description":"POC tool to convert CobaltStrike BOF files to raw shellcode","allTopics":[],"primaryLanguage":{"name":"C","color":"#555555"},"pullRequestCount":0,"issueCount":1,"starsCount":169,"forksCount":27,"license":"Other","participation":null,"lastUpdated":{"hasBeenPushedTo":true,"timestamp":"2021-11-05T18:37:53.056Z"}}],"repositoryCount":11,"userInfo":null,"searchable":true,"definitions":[],"typeFilters":[{"id":"all","text":"All"},{"id":"public","text":"Public"},{"id":"source","text":"Sources"},{"id":"fork","text":"Forks"},{"id":"archived","text":"Archived"},{"id":"template","text":"Templates"}],"compactMode":false},"title":"FalconForceTeam repositories"}