Macmod / CrowdBehaviors Public

Notifications You must be signed in to change notification settings
Fork 0
Star 1

A simple utility to visualize detected behaviors from a CrowdStrike console.

1 star 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
README.md		README.md
crowdbehaviors.py		crowdbehaviors.py
requirements.txt		requirements.txt

Repository files navigation

CrowdBehavior

A simple utility using FalconPy to print detection details from a CrowdStrike console as a readable table.

Usage

Install dependencies with pip:

$ pip install -r requirements.txt

Then just run:

$ python3 crowdbehaviors.py --client-id <YOUR_CLIENT_ID> --secret <YOUR_SECRET>

Optional Flags

--limit. Maximum number of detections to extract.
--offset. Offset for detections query.
--sort. Sorting criteria for detections query.
--filter. Filter to use for detections query.
--json. Dump detection objects as JSON instead of showing table of behaviors.
--detections-only. Show detections only - not their individual behaviors.

About

A simple utility to visualize detected behaviors from a CrowdStrike console.

security detection infosec crowdstrike edr falconpy

Report repository

Releases 1

Packages

No packages published

Languages

Python 100.0%