Topic: "sigma-rules"
ion-storm/sysmon-config Fork of SwiftOnSecurity/sysmon-config
Advanced Sysmon ATT&CK configuration focusing on detecting the most techniques per data source in MITRE ATT&CK, providing visibility into forensic artifact events for UEBA, detecting exploitation events with wide CVE coverage, and risk scoring of CVE, UEBA, forensic, and MITRE ATT&CK events.
Language: PowerShell - Size: 1.56 MB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 752 - Forks: 141

wagga40/Zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
Language: Python - Size: 61 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 705 - Forks: 96

Elemental-attack/Elemental
Elemental - An ATT&CK Threat Library
Language: HTML - Size: 3.76 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 309 - Forks: 53

anil-yelken/cyber-security
My cyber security tools
Size: 28.3 KB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 256 - Forks: 116

phish-report/IOK
IOK (Indicator Of Kit) is an open source language and ruleset for detecting phishing threat actor tools and tactics
Language: Go - Size: 1.06 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 182 - Forks: 36

nasbench/SIGMA-Resources
Resources To Learn And Understand SIGMA Rules
Size: 13.7 KB - Last synced at: 25 days ago - Pushed at: over 2 years ago - Stars: 174 - Forks: 13

blackberry/threat-research-and-intelligence
BlackBerry Threat Research & Intelligence
Language: Jupyter Notebook - Size: 20.3 MB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 88 - Forks: 14

AttackIQ/SigmAIQ
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
Language: Python - Size: 1.49 MB - Last synced at: 6 days ago - Pushed at: 10 days ago - Stars: 81 - Forks: 12

3CORESec/S2AN
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Language: C# - Size: 64.2 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 77 - Forks: 12

krdmnbrk/AttackRuleMap
Mapping of open-source detection rules and atomic tests.
Size: 1.65 MB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 72 - Forks: 7

mthcht/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
Language: Python - Size: 176 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 54 - Forks: 7

u-siem/u-siem-core
Framework definitions that allow you to build a custom SIEM.
Language: Rust - Size: 1 MB - Last synced at: 20 days ago - Pushed at: 8 months ago - Stars: 26 - Forks: 7

sysflow-telemetry/sf-processor
SysFlow edge processing pipeline
Language: Go - Size: 59.2 MB - Last synced at: about 2 months ago - Pushed at: 4 months ago - Stars: 16 - Forks: 13

marirs/sigma-convert
Convert Sigma Rules to different formats
Language: Rust - Size: 35.7 MB - Last synced at: about 1 month ago - Pushed at: 10 months ago - Stars: 11 - Forks: 3

muchdogesec/sigma2stix 📦
[ARCHIVED -- USE TXT2DETECTION] A command line tool that converts Sigma Rules into STIX 2.1 Objects.
Language: Python - Size: 204 KB - Last synced at: 28 days ago - Pushed at: 5 months ago - Stars: 9 - Forks: 2

anil-yelken/sigma-rules
sigma rules
Size: 29.3 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 9 - Forks: 7

RussianPanda95/Sigma-Rules
Repository of Sigma Rules
Size: 51.8 KB - Last synced at: 2 days ago - Pushed at: about 1 month ago - Stars: 7 - Forks: 0

xFFninja/happy_threat_hunting
Threat Hunting
Size: 22.5 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 6 - Forks: 1

wikijm/ConvertSigmaRepo2SentinelOnePQ
Scripts run by GitHub Actions that convert Sigma rules to SentinelOne PowerQuery via PySigma.
Language: Python - Size: 27.8 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 5 - Forks: 2

whichbuffer/Threat-Detection-Rules
Threat Detection Repository - YARA / SIGMA rules
Language: YARA - Size: 104 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 0

sansan-monkey/hunting-rules
Threat Hunting Rules - work in progress
Size: 98.6 KB - Last synced at: 5 months ago - Pushed at: almost 2 years ago - Stars: 3 - Forks: 1

bradleyjkemp/sigmadoc
A static site generator for @SigmaHQ rules
Language: JavaScript - Size: 31 MB - Last synced at: about 2 months ago - Pushed at: about 2 years ago - Stars: 3 - Forks: 3

pop-ecx/sigma_picker.nvim
Pick and convert Sigma rules to specific backends.
Language: Lua - Size: 3.23 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 2 - Forks: 0

scrymastic/pyroclast
Python tool for analyzing Windows event logs using Sigma rules for threat detection
Language: Python - Size: 8.61 MB - Last synced at: about 1 month ago - Pushed at: 4 months ago - Stars: 2 - Forks: 1

subhranshuchoudhury/sigma-rules-api
Sigma rules fun API. A RESTful API which contains the funniest Sigma rules. Sigma-rule-api made by Subhranshu Sekhar Choudhury.
Language: EJS - Size: 62.5 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 2 - Forks: 0

pop-ecx/sigma-ls
A minimal language server to help in writing sigma rules
Language: Python - Size: 31.2 MB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 1 - Forks: 0

arblade/nyx
A new network detection format (Sigma-like, but for network traffic).
Language: Python - Size: 4.43 MB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 1 - Forks: 0

j91321/sigma-playground
Simple browser playground for Sigma rule format.
Language: Vue - Size: 1.36 MB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

vastlimits/uberAgent-Sigma-Rule-Coverage-Explorer
Web app that allows you to browse and explore the Sigma rules supported by uberAgent ESA's Threat Detection Engine.
Language: Python - Size: 3.26 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 0 - Forks: 1

svarozhych/yaml_converter
A command-line tool that converts YAML files into human-readable, formatted Word documents using AI-powered analysis.
Language: Python - Size: 18.6 KB - Last synced at: 29 days ago - Pushed at: 30 days ago - Stars: 0 - Forks: 0

aj-tap/musashi
Musashi is a Python-based rapid triage tool that applies SIGMA rules and DL anomaly detection to endpoint logs (e.g., Defender, Cortex) for threat detection and IOC extraction. It automates log analysis, helping security analysts quickly identify suspicious activity without manual querying. 🚀
Language: Python - Size: 25.1 MB - Last synced at: about 2 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

Mahir-Ali-khan/Sigma-Rules
This Repository is created to publish SIGMA rules
Size: 9.77 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

roghuchi/sigma-automation
Language: Groovy - Size: 9.77 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

apophis133/apophis-SIGMA-Rules
Repository of SIGMA rules and real attacking scenarios detection
Size: 0 Bytes - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

vastlimits/pySigma-backend-uberAgent
uberAgent backend for the Sigma rule converter.
Language: Python - Size: 146 KB - Last synced at: 25 days ago - Pushed at: 7 months ago - Stars: 0 - Forks: 0

jacobstickney/sigmarules
Size: 36.1 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 0 - Forks: 0

leitosama/SubSigma 📦
Sigma Rules Subscription/Watcher/Notifier
Language: Go - Size: 35.2 KB - Last synced at: 7 days ago - Pushed at: 12 months ago - Stars: 0 - Forks: 1

PLZENTERTEXT/autopsy-sigmaa-ingest-module
An Autopsy data source ingest module for detection of IOCs in EVTX for Windows and Auditd for Linux based on SIGMA Rules.
Language: Python - Size: 21.8 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

mtnmunuklu/analyze-tags
Analyzes tags of Sigma, Yara and CSIEM rules
Language: Go - Size: 78.1 KB - Last synced at: 11 months ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

signalscorps/sigma2stix
A command line tool that converts the entire SigmaHQ Ruleset into STIX 2.1 Objects
Language: Python - Size: 14.6 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 1

aitor-alvarez/OSINT-Search
OSINT script to mine and retrieve YARA and Sigma rules from GitHub repositories using the search API.
Language: Python - Size: 16.6 KB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

kminh06/signema
Free HD Movie Streaming
Language: JavaScript - Size: 601 KB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 0 - Forks: 0
