Alternatives and similar repositories for Microsoft-Sentinel-SIGMA-Rules-Workbook

Users that are interested in Microsoft-Sentinel-SIGMA-Rules-Workbook are comparing it to the libraries listed below

• CodeByHarri / Sigma2KQL

  View on GitHub
  Sigma Queries turned into KQL for Defender using pysigma
  ☆12Jun 20, 2024Updated last year
• amohanta / Detection_Engineering_Tools

  View on GitHub
  Detection Engineering Tools
  ☆20Updated this week
• splunk / TA-misp_es

  View on GitHub
  MISP to Splunk Enterprise Security Theat Intelligence Framework Integration
  ☆14Jul 11, 2023Updated 2 years ago
• ACE-Responder / ace-proctree

  View on GitHub
  Create a cool process tree like https://twitter.com/ACEResponder.
  ☆35Mar 1, 2023Updated 2 years ago
• GabrielDuschl / SmartSpray

  View on GitHub
  A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…
  ☆17Jan 28, 2026Updated 2 weeks ago
• FalconForceTeam / FalconForge

  View on GitHub
  This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…
  ☆17Mar 10, 2023Updated 2 years ago
• Intellisec-Solutions / Sentinel2D3FEND

  View on GitHub
  This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…
  ☆74Jun 28, 2021Updated 4 years ago
• soc-otter / Blue

  View on GitHub
  A collection of content for blue team professionals, designed to support both reactive and proactive cybersecurity measures of every aspe…
  ☆33Oct 24, 2025Updated 3 months ago
• aiforsec22 / IEEEEuroSP23

  View on GitHub
  ☆25Jul 12, 2023Updated 2 years ago
• archanchoudhury / Threat-Hunting

  View on GitHub
  This Repository gives the best and possible strategies against hunting the ransomware
  ☆26Aug 23, 2022Updated 3 years ago
• AI-Voodoo / BugOut

  View on GitHub
  AI-Powered, Local Pythonic Coding Agent 🐞💻
  ☆24Mar 3, 2025Updated 11 months ago
• m4nbat / KustQueryLanguage_kql

  View on GitHub
  Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting
  ☆68Dec 7, 2025Updated 2 months ago
• QueenSquishy / Zombie

  View on GitHub
  General Content
  ☆25Dec 23, 2025Updated last month
• redcanaryco / ansible-atomic-red-team

  View on GitHub
  This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
  ☆27Jul 4, 2024Updated last year
• mamun-sec / decap

  View on GitHub
  ☆34Jun 13, 2023Updated 2 years ago
• pulsedive / certrss

  View on GitHub
  ☆121Jan 29, 2026Updated 2 weeks ago
• siriussecurity / dettectinator

  View on GitHub
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆119Jan 22, 2026Updated 3 weeks ago
• yoryio / ShodanFavicon

  View on GitHub
  List of MurmurHash3 favicon hashes of widely used technologies by vendor to search with Shodan.
  ☆35Apr 14, 2024Updated last year
• EuroLeaps / scc-connectors

  View on GitHub
  Google Cloud Security Command Center to Azure Sentinel Connector
  ☆19Jul 15, 2023Updated 2 years ago
• NikolisSecurity / PhantomID

  View on GitHub
  A powerful hardware ID spoofing tool designed to modify system identifiers for privacy and security purposes. Change MAC addresses, HWID,…
  ☆16Nov 26, 2025Updated 2 months ago
• LogRhythm-Services / Axon-Content

  View on GitHub
  Community content for LogRhythm Axon. Includes Dashboards, searches, analytics rules, processing policies and more.
  ☆10Jul 26, 2024Updated last year
• msdirtbag / AzurePolicyAutomator

  View on GitHub
  ☆35Mar 23, 2024Updated last year
• Cyberlorians / Workbooks

  View on GitHub
  ☆36Nov 11, 2025Updated 3 months ago
• AttackIQ / SigmAIQ

  View on GitHub
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆91Nov 3, 2025Updated 3 months ago
• 3CORESec / SIEGMA

  View on GitHub
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆159Mar 10, 2025Updated 11 months ago
• markolauren / sentinel

  View on GitHub
  ☆67Jan 20, 2026Updated 3 weeks ago
• NomanProdhan / malbuzz

  View on GitHub
  It's a handy tool to help you analyze malware. You can use this tool to query your malware samples using different hashes or find all oth…
  ☆20Jul 22, 2025Updated 6 months ago
• kgretzky / goproxy

  View on GitHub
  An HTTP proxy library for Go
  ☆17Jun 22, 2022Updated 3 years ago
• RenderZ0n3 / Malware-Development

  View on GitHub
  ☆10Jul 1, 2023Updated 2 years ago
• alwashali / detection-validation

  View on GitHub
  Detection rule validation
  ☆40Oct 25, 2023Updated 2 years ago
• stefanpems / cfs

  View on GitHub
  My stuff regarding Copilot for Security
  ☆12Jan 12, 2026Updated last month
• rcegan / ConvertSigmaRepo2KQL

  View on GitHub
  A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD
  ☆10Nov 7, 2023Updated 2 years ago
• msdirtbag / ADXFlowmaster

  View on GitHub
  ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
  ☆40Oct 30, 2024Updated last year
• Bert-JanP / KustoHawk

  View on GitHub
  KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro…
  ☆126Jan 11, 2026Updated last month
• Cipher7 / havoc-SauronEye

  View on GitHub
  ☆11Dec 8, 2023Updated 2 years ago
• sonikkk-526 / Lyrics-Editor-for-.LRC

  View on GitHub
  A simple lyrics editor (generator and organizer as well) for .LRC files.
  ☆11Oct 27, 2023Updated 2 years ago
• mitre / caltack

  View on GitHub
  Plugin that serves the ATT&CK website alongside CALDERA.
  ☆12Feb 24, 2020Updated 5 years ago
• jonlives / customizing_chef

  View on GitHub
  Resources for the Customizing Chef book
  ☆11Sep 12, 2014Updated 11 years ago
• MSFT-AU-Security / SentinelCTIS

  View on GitHub
  Documentation for connecting Microsoft Sentinel and the ACSC CTIS platform
  ☆10Jan 23, 2024Updated 2 years ago