Our collection of Wazuh detection rules for our Offense Lab
☆18Feb 13, 2022Updated 4 years ago
Alternatives and similar repositories for wazuh-detection-rules
Users that are interested in wazuh-detection-rules are comparing it to the libraries listed below
Sorting:
- Sigma to Wazuh rule converter☆18Sep 28, 2025Updated 5 months ago
- ☆22Mar 1, 2022Updated 4 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆11Jun 20, 2020Updated 5 years ago
- Useful scripts for those administering Wazuh☆93Jan 6, 2026Updated 2 months ago
- Personal scripts☆15Sep 11, 2024Updated last year
- Scripts to automatically import threat intel into QRadar☆14Jun 20, 2019Updated 6 years ago
- Wazuh integration TheHive☆41Feb 21, 2023Updated 3 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆72Jul 21, 2021Updated 4 years ago
- ☆41Aug 26, 2023Updated 2 years ago
- In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde…☆60Updated this week
- ☆20Oct 17, 2021Updated 4 years ago
- Official documentation for TheHive Project applications☆21Sep 29, 2023Updated 2 years ago
- A configuration to allow Wazuh to communicate with ChatGPT, based on https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integratio…☆24Mar 20, 2023Updated 2 years ago
- 一个代理扫描平台☆54Feb 1, 2021Updated 5 years ago
- ☆20Jan 20, 2023Updated 3 years ago
- Shell script to download apps from Splunkbase☆24May 19, 2020Updated 5 years ago
- 基于inotify的Linux文件实时监控程序,同时调用河马扫描来检测文件☆22Sep 4, 2020Updated 5 years ago
- Wazuh prometheus exporter☆35Jul 4, 2025Updated 8 months ago
- Convert Sigma rules to Wazuh rules☆74Sep 13, 2025Updated 5 months ago
- One Day of Python for SaintCon 2022☆11Jan 3, 2023Updated 3 years ago
- This repo contains scripts to automate the addition of 3rd party Wazuh rules to your Wazuh installation☆18Dec 31, 2023Updated 2 years ago
- 一款存储HTTP请求入库的burpsuite插件☆29Apr 8, 2018Updated 7 years ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆39Jun 8, 2020Updated 5 years ago
- Self‑hosted strength‑training analytics for Strong app exports. Import your CSV, see PRs, volume trends, rep ranges, and workout history …☆25Nov 11, 2025Updated 3 months ago
- ☆10Feb 13, 2021Updated 5 years ago
- ☆35Aug 11, 2020Updated 5 years ago
- Zeek support for Community ID flow hashing.☆36Jul 11, 2023Updated 2 years ago
- Senpai is a Zsh clean prompt theme for Devops☆12Aug 5, 2019Updated 6 years ago
- Queries from the blog posts.☆15Oct 6, 2024Updated last year
- ☆53Jul 9, 2013Updated 12 years ago
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆43Nov 27, 2022Updated 3 years ago
- The dataset was used as a support to attack obfuscations. It is the largest obfuscated dataset, with realistic and various binaries and f…☆19Jan 15, 2026Updated last month
- Collection of bash scripts and Ansible playbooks.☆11Feb 28, 2026Updated last week
- This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…☆11May 22, 2023Updated 2 years ago
- Bugs Framework☆10Updated this week
- ☆13Jul 29, 2025Updated 7 months ago
- Sample data generator for the Splunk for Palo Alto Networks app.☆12Sep 25, 2016Updated 9 years ago
- Documentation sources for syslog-ng Open Source Edition (https://github.com/syslog-ng/syslog-ng)☆10May 6, 2024Updated last year
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆96Apr 13, 2022Updated 3 years ago