falconpy | gofalcon
---|---
30 | 5
306 | 51
1.6% | -
9.5 | 8.2
9 days ago | 6 days ago
Python | Go
The Unlicense | MIT License
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
falconpy
- Identity API for PSfalcon or FalconPY
  And for falconpy: https://github.com/CrowdStrike/falconpy/wiki/Identity-Protection
- APIs for Operational stuffs
  https://github.com/CrowdStrike/falconpy/tree/main/samples https://github.com/CrowdStrike/psfalcon/tree/master/samples
- API - Group by Remediation
  We also have an example that does some sorting and basic aggregation that's a little similar (but does not focus on remediations). Similar to your suggestion, this sample also consumes all available matches at the outset using a pretty expansive query.
- How do i search for all hosts with FQL/FalconPy?
  Here's a sample that will paginate through all of your hosts. Depending on the API call you're using, you can request up to 5,000 hosts.
- Find Host by CVE List
  Howdy Yall, qq. Does anyone know if it is possible to search not just one CVE but a short list? from the github here https://github.com/CrowdStrike/falconpy/blob/main/samples/spotlight/find_hosts_by_cve.py
- Host and MSSP Endpoint’s
  Logging in with the parent credentials to the Hosts Service Class will show hosts from child CIDs when you make calls to QueryDevicesByFilter or QueryDevicesByFilterScroll. For an example on how to paginate through the results, you can check out the sample here: https://github.com/CrowdStrike/falconpy/blob/main/samples/hosts/sensor_versions_by_hostname_scrolling.py
- Help with simple python script
  start with samples work backward: https://github.com/CrowdStrike/falconpy/tree/main/samples/hosts
- How to Resolve a 405 Error When Setting Up CrowdStrike Stream with Google Chronicle?
  I would need to see more of your code to get an idea for why you're running into this error. You may find it easier to review an existing integration that populates Chronicle via the Event Streams API instead. This one leverages our Python SDK: https://github.com/CrowdStrike/falcon-integration-gateway.
- Associate Put file ID with put file name in Falconpy
  Can I see more of your code? Feels like we're missing something. Sample code (queued execute): https://github.com/CrowdStrike/falconpy/blob/main/samples/rtr/queued_execute.py
- Error when attempting to update Device Control policy
  I think you may be right. It looks like the payload handler for this operation is not looking for the id key. (I will track this fix using the GitHub issue you just created.)
gofalcon
- Several questions about CrowdStrike
  Yes, using the Falcon APIs. Try PSFalcon, falconpy or gofalcon. Using PSFalcon, you could do this with the Invoke-FalconRtr command.
- Modify Detections via API
  I don't recommend using curl beyond testing. Why not try one of our API SDKs?
- RTR API for files download
  Go - GoFalcon
- Crowdstrike API Help
  CrowdStrike has more than one hundred different API endpoints, and they generally work in a handful of different ways. If you're new to APIs, it's easiest to start with a kit like falconpy, gofalcon or PSFalcon. These kits are all designed to help you handle the basic things like authentication, request formatting, pagination and even combining multiple APIs together to achieve a certain goal.
- CrowdStrike API for Dummies?
  PSFalcon makes these APIs easier to use with PowerShell, while falconpy and gofalcon make them easier to use with Python and Golang, respectively. If you're completely new to APIs but understand one of these languages, one of these tools will be the best place to start. If you'd like to pull this data directly with Excel, you're going to have to start from scratch, or figure out how you could use Excel to call one of these tools to get your data.
What are some alternatives?
psfalcon - PowerShell for CrowdStrike's OAuth2 APIs
MISP-tools - Import CrowdStrike Threat Intelligence into your instance of MISP
BulkStrike - BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
dotify - 🐍🎶 Yet another Spotify Web API Python library
gybe - A simple YAML transpiler for rendering Kubernetes manifests using python type-hints.
msgraph-sdk-python-core - Microsoft Graph client library for Python
OWON-VDS1022 - Unofficial release for the OWON VDS1022/I Oscilloscope
TelegramShillBot - A simple Telegram bot, written in Python, that you can use to shill (i.e. send messages) your token, or whatever, to channels.
CrowdStrike-Spotlight-Humio-Package-Integration
pypokedex - A minimal pokedex library for Python
ansible_collection_falcon - Install and configure CrowdStrike's Falcon sensor via Ansible.