0xbad53c / wazuh-detection-rulesLinks
Our collection of Wazuh detection rules for our Offense Lab
☆15Updated 3 years ago
Alternatives and similar repositories for wazuh-detection-rules
Users that are interested in wazuh-detection-rules are comparing it to the libraries listed below
Sorting:
- Collection of Suricata rule sets that I use modified to my environments.☆39Updated 4 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆94Updated 3 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆68Updated 4 years ago
- ☆43Updated 2 years ago
- Look into EDR events from network☆24Updated 3 months ago
- Kibana 7 Templates for Suricata IDPS Threat Hunting☆42Updated last week
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 5 years ago
- PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset☆22Updated 3 years ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆33Updated 5 years ago
- Fast IOC and YARA Scanner☆83Updated 5 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- ☆43Updated last month
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆112Updated 2 years ago
- collector/runner☆65Updated 5 months ago
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.☆135Updated 6 years ago
- ☆53Updated 3 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆87Updated 2 years ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆37Updated 3 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 3 years ago
- ☆49Updated this week
- A repository of Sysmon For Linux configuration modules☆15Updated 3 years ago
- Collection of Dashboards for Threat Hunting and more!☆68Updated 4 years ago
- Run Velociraptor on Security Onion☆39Updated 3 years ago
- Melody is a transparent internet sensor built for threat intelligence. Supports custom tagging rules and vulnerable application simulatio…☆141Updated 6 months ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆157Updated 5 months ago
- ☆17Updated 3 years ago
- Convert Sigma rules to Wazuh rules☆67Updated last year
- ☆57Updated this week
- Wazuh integration TheHive☆38Updated 2 years ago
- Scripts to automatically import threat intel into QRadar☆12Updated 6 years ago