Alternatives and similar repositories for wazuh-detection-rules

Users that are interested in wazuh-detection-rules are comparing it to the libraries listed below

• SanWieb / sigWah
  A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset
  ☆33Updated 5 years ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆66Updated 3 years ago
• Truvis / Suricata_Threat-Hunting-Rules
  Collection of Suricata rule sets that I use modified to my environments.
  ☆39Updated 4 years ago
• Hestat / ossec-sysmon
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆93Updated 3 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• mdecrevoisier / Windows-WEC-server_auto-deploy
  PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset
  ☆22Updated 3 years ago
• juaromu / wazuh
  ☆19Updated 3 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆38Updated 2 years ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 4 years ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated 7 months ago
• juaromu / wazuh-nmap
  ☆17Updated 3 years ago
• B0fH / yara-suricata
  A Yara Lua output script for Suricata
  ☆20Updated 6 years ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆67Updated last year
• StamusNetworks / KTS7
  Kibana 7 Templates for Suricata IDPS Threat Hunting
  ☆41Updated 2 years ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated last month
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• Security-Onion-Solutions / securityonion-soc
  ☆55Updated this week
• izysec / linux-audit
  Some resources to facilitate my blog on auditd for security monitoring
  ☆12Updated 2 years ago
• silverfort-open-source / latma
  ☆80Updated 2 years ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆31Updated 3 months ago
• jangeisbauer / gundog
  gundog - guided hunting in Microsoft Defender
  ☆52Updated 4 years ago
• conexioninversa / WOPR
  Globally distributed honeypots and HoneyNets IOCs and file reversing
  ☆16Updated last year
• Starke427 / Windows-Security-Policy
  Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.
  ☆13Updated 4 years ago
• jctello / JCT-Wazuh
  Tools for Wazuh by Juan C. Tello
  ☆14Updated 3 years ago
• alertflex / altprobe
  collector/runner
  ☆65Updated 3 months ago
• juaromu / wazuh-misp
  ☆17Updated 2 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• NVISOsecurity / nviso-cti
  ☆42Updated last year