Alternatives and similar repositories for wazuh-detection-rules

Users that are interested in wazuh-detection-rules are comparing it to the libraries listed below

• sttor / osquery-wazuh-response

  View on GitHub
  Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug
  ☆11Jun 20, 2020Updated 5 years ago
• branchnetconsulting / wazuh-tools

  View on GitHub
  Useful scripts for those administering Wazuh
  ☆91Jan 6, 2026Updated last month
• cloudfence / opnsense-wazuh

  View on GitHub
  Tools to integrate 2 great security tools OPNsense and Wazuh
  ☆31Aug 26, 2021Updated 4 years ago
• averydiversifiedtech / ossec-wazuh-manager-zabbix

  View on GitHub
  Zabbix Templates and scripts to monitor OSSEC or Wazuh Manager Intrusion Detection
  ☆15Sep 18, 2025Updated 4 months ago
• dariommr / scripts

  View on GitHub
  Personal scripts
  ☆15Sep 11, 2024Updated last year
• Xboarder56 / QRadar-ThreatIntel-Import

  View on GitHub
  Scripts to automatically import threat intel into QRadar
  ☆14Jun 20, 2019Updated 6 years ago
• crow1011 / wazuh2thehive

  View on GitHub
  Wazuh integration TheHive
  ☆41Feb 21, 2023Updated 2 years ago
• bayusky / wazuh-custom-rules-and-decoders

  View on GitHub
  In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde…
  ☆58Dec 19, 2025Updated last month
• juaromu / wazuh-opencti

  View on GitHub
  ☆41Aug 26, 2023Updated 2 years ago
• juaromu / wazuh

  View on GitHub
  ☆20Oct 17, 2021Updated 4 years ago
• TheHive-Project / docs

  View on GitHub
  Official documentation for TheHive Project applications
  ☆21Sep 29, 2023Updated 2 years ago
• AnonymousWP / Wazuh-ChatGPT-integration

  View on GitHub
  A configuration to allow Wazuh to communicate with ChatGPT, based on https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integratio…
  ☆24Mar 20, 2023Updated 2 years ago
• MisakiKata / mitescan

  View on GitHub
  一个代理扫描平台
  ☆54Feb 1, 2021Updated 5 years ago
• tfrederick74656 / splunkbase-download

  View on GitHub
  Shell script to download apps from Splunkbase
  ☆23May 19, 2020Updated 5 years ago
• MisakiKata / watchfile

  View on GitHub
  基于inotify的Linux文件实时监控程序，同时调用河马扫描来检测文件
  ☆22Sep 4, 2020Updated 5 years ago
• softrebel / pybsky

  View on GitHub
  Python BlueSky client
  ☆10Aug 4, 2023Updated 2 years ago
• theflakes / sigma_to_wazuh

  View on GitHub
  Convert Sigma rules to Wazuh rules
  ☆73Sep 13, 2025Updated 5 months ago
• michael-fischer / SaintconPython

  View on GitHub
  One Day of Python for SaintCon 2022
  ☆11Jan 3, 2023Updated 3 years ago
• SanWieb / sigWah

  View on GitHub
  A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset
  ☆38Jun 8, 2020Updated 5 years ago
• ttttmr / checkproxy

  View on GitHub
  检测浏览器是否存在代理
  ☆33Apr 3, 2022Updated 3 years ago
• DaKheera47 / strong-statistics

  View on GitHub
  Self‑hosted strength‑training analytics for Strong app exports. Import your CSV, see PRs, volume trends, rep ranges, and workout history …
  ☆23Nov 11, 2025Updated 3 months ago
• chiww / PMon

  View on GitHub
  ☆35Aug 11, 2020Updated 5 years ago
• shellsec / Knowledge-Base

  View on GitHub
  Knowledge Base 慢雾安全团队知识库
  ☆29Oct 22, 2019Updated 6 years ago
• JouniMi / Threathunt.blog

  View on GitHub
  Queries from the blog posts.
  ☆15Oct 6, 2024Updated last year
• corelight / zeek-community-id

  View on GitHub
  Zeek support for Community ID flow hashing.
  ☆37Jul 11, 2023Updated 2 years ago
• liranmatcu / Docker_Security_Labs

  View on GitHub
  The Eureka Lab Series is designed for learners at all levels of experience and interest in security concepts and technologies.
  ☆10Nov 30, 2025Updated 2 months ago
• raviranjan0309 / Flask-NGINX-Gunicorn-Docker-Kubernetes

  View on GitHub
  Step by step guide to deploy any machine learning prediction web API using Flask, Gunicorn, NGINX containerised in Docker on GCP Kubernet…
  ☆12Dec 8, 2022Updated 3 years ago
• sergibarroso / senpai-zsh

  View on GitHub
  Senpai is a Zsh clean prompt theme for Devops
  ☆12Aug 5, 2019Updated 6 years ago
• Silv3rHorn / BulkStrike

  View on GitHub
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆43Nov 27, 2022Updated 3 years ago
• kutyel / es6-emitter

  View on GitHub
  🚀 Smallest event emitter for JavaScript with all the power of ES6 Maps!
  ☆11Jul 25, 2019Updated 6 years ago
• PaloAltoNetworks / Splunk-App-Data-Generator

  View on GitHub
  Sample data generator for the Splunk for Palo Alto Networks app.
  ☆12Sep 25, 2016Updated 9 years ago
• balabit / syslog-ng-ose-guides

  View on GitHub
  Documentation sources for syslog-ng Open Source Edition (https://github.com/syslog-ng/syslog-ng)
  ☆10May 6, 2024Updated last year
• CiscoSE / SnortBlocklistImporter

  View on GitHub
  This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…
  ☆11May 22, 2023Updated 2 years ago
• SAPUCC / inviterbot

  View on GitHub
  A maubot plugin to sync users from Azure AD and LDAP into matrix rooms
  ☆10May 22, 2025Updated 8 months ago
• Hestat / ossec-sysmon

  View on GitHub
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆95Apr 13, 2022Updated 3 years ago
• 10Develops / onitor

  View on GitHub
  Free UWP web browser app.
  ☆10Jan 10, 2026Updated last month
• guardicode / osquery

  View on GitHub
  Guardicore osqueries collection for asset information, TH and compliance.
  ☆16Dec 22, 2021Updated 4 years ago
• pflanze / chj-scripts

  View on GitHub
  My various command line scripts that I'm using on my Debian desktops and servers
  ☆12Dec 15, 2025Updated 2 months ago
• Zorlin / netbox-physical-storage

  View on GitHub
  [WIP] Adds physical storage device support to Netbox, primarily intended for SAS/SATA/NVMe type devices.
  ☆12Mar 11, 2024Updated last year