Voozh

Pinned Loading

FalconHound Public

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

Go 820 59
FalconFriday Public

Hunting queries and detections

893 111
BOF2shellcode Public

POC tool to convert CobaltStrike BOF files to raw shellcode

C 222 28
KQLAnalyzer Public

REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

C# 51 18
FalconForge Public

This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 3…

Python 18 10
SOAPHound Public

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

C# 866 92

Showing 10 of 17 repositories

FalconHound Public
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.

Go 820 BSD-3-Clause 59 2 3 Updated
NRT-KQL Public
To create NRT rules, we needed to be certain about the KQL syntax that can and cannot be used. This led us to create our own documentation.

0 GPL-3.0 0 0 0 Updated
TelemetryCollectionManager Public
Manage and maintain Defender XDR custom collection configuration

Go 34 BSD-3-Clause 0 1 0 Updated
FalconFriday Public
Hunting queries and detections

893 BSD-3-Clause 111 1 1 Updated
KQLAnalyzer Public
REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

C# 51 18 1 0 Updated
dAWShund Public
Putting a leash on naughty AWS permissions

Python 135 BSD-3-Clause 10 0 0 Updated
reply-url-brute Public
Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure

Python 15 BSD-3-Clause 2 0 0 Updated
bof-winrm-client Public

C++ 128 BSD-3-Clause 19 0 0 Updated
bof-winrm-plugin-jump Public

C++ 33 BSD-3-Clause 2 0 0 Updated
SOAPHound Public
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

C# 866 GPL-3.0 92 5 1 Updated

This organization has no public members. You must be a member to see who’s a part of this organization.