A pySigma wrapper and langchain toolkit for automatic rule creation/translation
☆92Nov 3, 2025Updated 3 months ago
Alternatives and similar repositories for SigmAIQ
Users that are interested in SigmAIQ are comparing it to the libraries listed below
Sorting:
- An opensource sigma conversion tool built using pysigma☆160Feb 9, 2026Updated 2 weeks ago
- ☆120May 26, 2025Updated 9 months ago
- ☆17Oct 13, 2025Updated 4 months ago
- A repository of my own Sigma detection rules.☆163Nov 25, 2025Updated 3 months ago
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆532Feb 15, 2026Updated last week
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆177Dec 2, 2025Updated 2 months ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆111Jan 24, 2026Updated last month
- ☆52Dec 13, 2025Updated 2 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆127Apr 6, 2024Updated last year
- Detection Rule License (DRL)☆21Dec 27, 2024Updated last year
- Indicators of compromise from to analysis and research by Nextron Threat Research team☆12Sep 17, 2025Updated 5 months ago
- The Sigma command line interface based on pySigma☆177Feb 5, 2026Updated 3 weeks ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77May 21, 2024Updated last year
- pySigma Cookiecutter backend template☆24Sep 17, 2025Updated 5 months ago
- ☆12Jul 15, 2022Updated 3 years ago
- pySigma Splunk backend☆41Feb 19, 2026Updated last week
- ☆44Nov 28, 2025Updated 3 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆86Dec 17, 2025Updated 2 months ago
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- A web API for various cyber threat intelligence frameworks, including MITRE ATT&CK, CWE, ATLAS...☆19Feb 13, 2026Updated 2 weeks ago
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.☆79Feb 4, 2026Updated 3 weeks ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Mar 10, 2023Updated 2 years ago
- 🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...☆21Mar 22, 2024Updated last year
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,927Jan 20, 2026Updated last month
- yara detection rules for hunting with the threathunting-keywords project☆157May 11, 2025Updated 9 months ago
- A curses-style interface for automatic takedown notification based on MISP events.☆20Dec 11, 2020Updated 5 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆31Jul 27, 2023Updated 2 years ago
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨☆70Feb 21, 2026Updated last week
- Augmentation to Machine Readable CTI☆37Sep 9, 2025Updated 5 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆785Updated this week
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆34Oct 21, 2025Updated 4 months ago
- AIL project training materials☆39Jul 17, 2025Updated 7 months ago
- Validates Sigma rules using the JSON schema☆22Mar 18, 2024Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Mar 1, 2023Updated 2 years ago
- Splunk Security Content☆1,575Updated this week
- simple webapp for converting sigma rules into siem queries using the pySigma library☆52Sep 1, 2023Updated 2 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago