Alternatives and similar repositories for sigmai

Users that are interested in sigmai are comparing it to the libraries listed below

• OllieJC / tbat

  View on GitHub
  Threat Box Assessment Tool
  ☆19Aug 15, 2021Updated 4 years ago
• 3CORESec / S2AN

  View on GitHub
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆91Dec 8, 2022Updated 3 years ago
• thomaspatzke / elk-detection-lab

  View on GitHub
  An ELK environment containing interesting security datasets.
  ☆136May 11, 2020Updated 5 years ago
• neolea / neolea-training-materials

  View on GitHub
  Open source training materials for law-enforcement and organisations interested in DFIR.
  ☆63May 30, 2025Updated 8 months ago
• 3CORESec / SIEGMA

  View on GitHub
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆159Mar 10, 2025Updated 11 months ago
• cedowens / C2-JARM

  View on GitHub
  A list of JARM hashes for different ssl implementations used by some C2/red team tools.
  ☆145Apr 20, 2023Updated 2 years ago
• WithSecureLabs / lazarus-sigma-rules

  View on GitHub
  ☆19Oct 23, 2020Updated 5 years ago
• caschnee / misp-use-cases

  View on GitHub
  ☆14May 30, 2018Updated 7 years ago
• SecurityRiskAdvisors / TALR

  View on GitHub
  Threat Alert Logic Repository
  ☆93Feb 7, 2019Updated 7 years ago
• cerebrate-project / cerebrate

  View on GitHub
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆91Updated this week
• mohlcyber / MISP-MVISION-EDR

  View on GitHub
  Integration between MISP platform and McAfee MVISION EDR
  ☆14Mar 14, 2022Updated 3 years ago
• socprime / SigmaUI

  View on GitHub
  SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
  ☆189May 5, 2021Updated 4 years ago
• jwillyamz / ezEmu

  View on GitHub
  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
  ☆108Feb 12, 2023Updated 3 years ago
• karthikkbala / MISP-QRadar-Integration

  View on GitHub
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆40May 18, 2022Updated 3 years ago
• binalyze / tigma

  View on GitHub
  Sigma Engine implementation in TypeScript
  ☆28Mar 5, 2023Updated 2 years ago
• siriussecurity / dettectinator

  View on GitHub
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆119Jan 22, 2026Updated 3 weeks ago
• opencybersecurityalliance / firepit

  View on GitHub
  Firepit - STIX Columnar Storage
  ☆17Jun 5, 2024Updated last year
• coolacid / misp_feedgen

  View on GitHub
  Feed Generator for MISP
  ☆19Nov 2, 2022Updated 3 years ago
• sebdraven / IOCmite

  View on GitHub
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆36Nov 9, 2022Updated 3 years ago
• CanTopay / thehive-playbook-creator

  View on GitHub
  A script to create and assign SOP tasks into the cases
  ☆20Aug 16, 2020Updated 5 years ago
• eCrimeLabs / MISP2CbR

  View on GitHub
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆20May 25, 2022Updated 3 years ago
• markuskont / go-sigma-rule-engine

  View on GitHub
  Golang library that implements a sigma log rule parser and match engine.
  ☆104Jul 17, 2024Updated last year
• marjatech / threatfox2misp

  View on GitHub
  Creating a Feed of MISP Events from ThreatFox (by abuse.ch)
  ☆19Jun 2, 2021Updated 4 years ago
• socprime / SigmaRulesIntegration

  View on GitHub
  ☆15Mar 13, 2018Updated 7 years ago
• Loginsoft-LLC / threat-detection-rules

  View on GitHub
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Jul 27, 2022Updated 3 years ago
• assafmo / xioc

  View on GitHub
  Extract indicators of compromise from text, including "escaped" ones.
  ☆161Apr 19, 2020Updated 5 years ago
• corelight / got_zoom

  View on GitHub
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Apr 15, 2020Updated 5 years ago
• wagga40 / Zircolite-Rules

  View on GitHub
  Sigma rules converted for direct use with Zircolite
  ☆14Updated this week
• topher-lo / hunts

  View on GitHub
  🐻‍❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
  ☆14May 22, 2024Updated last year
• theflakes / reg_hunter

  View on GitHub
  Blueteam operational triage registry hunting/forensic tool.
  ☆149Sep 2, 2025Updated 5 months ago
• socprime / soc_workflow_app_ce

  View on GitHub
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆94Aug 30, 2022Updated 3 years ago
• M3NIX / sigmaio

  View on GitHub
  simple webapp for converting sigma rules into siem queries using the pySigma library
  ☆52Sep 1, 2023Updated 2 years ago
• 3CORESec / Automata

  View on GitHub
  Automatic detection engineering technical state compliance
  ☆55Jul 7, 2024Updated last year
• sbousseaden / YaraHunts

  View on GitHub
  Random hunting ordiented yara rules
  ☆96Mar 27, 2023Updated 2 years ago
• hm-seclab / YAFRA

  View on GitHub
  YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
  ☆27Dec 14, 2021Updated 4 years ago
• wagga40 / Mitre2Datatables

  View on GitHub
  Bring Your Own Mitre Att&ck © Matrix !
  ☆13Oct 19, 2023Updated 2 years ago
• 0xtf / testmynids.org

  View on GitHub
  A website and framework for testing NIDS detection
  ☆57Aug 29, 2021Updated 4 years ago
• StefanKelm / yara-rules

  View on GitHub
  Links to malware-related YARA rules
  ☆15Sep 29, 2022Updated 3 years ago
• EXC3L-ONE / awesome-synapse

  View on GitHub
  List of Awesome Vertex Synapse Resources
  ☆28Aug 6, 2024Updated last year