Alternatives and similar repositories for wazuh-detection-rules:

Users that are interested in wazuh-detection-rules are comparing it to the libraries listed below

• SanWieb / sigWah
  A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset
  ☆33Updated 4 years ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated 9 months ago
• NVISOsecurity / nviso-cti
  ☆41Updated 9 months ago
• Truvis / Suricata_Threat-Hunting-Rules
  Collection of Suricata rule sets that I use modified to my environments.
  ☆39Updated 4 years ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated 2 months ago
• juaromu / wazuh
  ☆18Updated 3 years ago
• svdwi / BlueBox
  BlueBox Malware analysis Box and Cyber threat intelligence.
  ☆39Updated 2 years ago
• silverfort-open-source / latma
  ☆79Updated last year
• jangeisbauer / gundog
  gundog - guided hunting in Microsoft Defender
  ☆52Updated 3 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• alertflex / altprobe
  collector/runner
  ☆65Updated last year
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆62Updated 3 years ago
• cyware-labs / Threat-Response-Docker
  ☆41Updated 2 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 3 years ago
• jeffjbowie / Nessus2Word
  ☆19Updated 3 years ago
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆38Updated 2 years ago
• crow1011 / wazuh2thehive
  Wazuh integration TheHive
  ☆34Updated last year
• johnfranolich / Hunting-Scripts
  A collection of hunting and blue team scripts. Mostly others, some my own.
  ☆38Updated 2 years ago
• karimhabush / cis-vsphere
  A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
  ☆49Updated 2 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 3 years ago
• conexioninversa / WOPR
  Globally distributed honeypots and HoneyNets IOCs and file reversing
  ☆16Updated 9 months ago
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated last year
• refractionPOINT / limacharlie
  Old home of LimaCharlie, open source EDR
  ☆29Updated last year
• MISP / evtx-toolkit
  Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream
  ☆11Updated 4 years ago
• georgi-i / winevt_logs_analysis
  Searching .evtx logs for remote connections
  ☆24Updated last year
• cabve / CbR
  Queries for Carbon Black Response
  ☆11Updated 4 years ago
• juaromu / wazuh-nmap
  ☆17Updated 2 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• h0rv4th / c2matrix-analyzer
  Basic c2-matrix analysis enviroment using Suricata + Wazuh + Elastic stack
  ☆12Updated 4 years ago
• cnotin / m365_groups_enum
  Enumerate Microsoft 365 Groups in a tenant with their metadata
  ☆52Updated 3 years ago