Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma)
☆15 · Feb 1, 2021 · Updated 5 years ago
Alternatives and similar repositories for SigmaFilterCheck
Users who are interested in SigmaFilterCheck are comparing it to the repositories listed below.
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs. (☆17 · Feb 1, 2021 · Updated 5 years ago)
- Detection rules to look for Log4J usage and exploitation (☆18 · Jun 21, 2025 · Updated 8 months ago)
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting. (☆58 · Mar 18, 2022 · Updated 3 years ago)
- QRadar: export the rule set for printing (☆23 · Oct 23, 2017 · Updated 8 years ago)
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆69 · Mar 17, 2024 · Updated last year)
- Install and configure user-mode auditd tools (☆34 · Feb 17, 2026 · Updated last week)
- Sigma Engine implementation in TypeScript (☆28 · Mar 5, 2023 · Updated 2 years ago)
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos… (☆32 · Mar 9, 2022 · Updated 3 years ago)
- Sigma Detection Rule Repository (☆92 · Jun 18, 2020 · Updated 5 years ago)
- Mock STIX data demonstrating the new data source representation (☆16 · Sep 13, 2023 · Updated 2 years ago)
- QRadar AQL backend for converting Sigma rules to QRadar AQL queries (☆14 · Sep 18, 2025 · Updated 5 months ago)
- Multi-threaded script that uses the VirusTotal and AbuseIPDB APIs and generates an Excel file with all needed data (☆10 · Mar 14, 2023 · Updated 2 years ago)
- The Advanced Vulnerability Information Sharing Environment -- A Platform for CVD and PSIRT Management (☆10 · Jan 30, 2024 · Updated 2 years ago)
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro… (☆10 · Mar 2, 2018 · Updated 7 years ago)
- The course "Cryptographic systems and their weaknesses" at the University of Oulu (☆10 · Jan 8, 2026 · Updated last month)
- JSON Tools Technology Add-On for Splunk (☆10 · Mar 31, 2021 · Updated 4 years ago)
- PE Injection with ring3 hook bypass (☆10 · May 3, 2021 · Updated 4 years ago)
- Simple Python tool to search http://ixirc.com/ (☆10 · Apr 16, 2019 · Updated 6 years ago)
- A Sigma-based detection pipeline (☆13 · Dec 15, 2023 · Updated 2 years ago)
- Tailwind UI Component CSS prefixer (☆10 · Jun 22, 2020 · Updated 5 years ago)
- A Python-based recon tool to search for storage buckets (☆11 · Jan 21, 2023 · Updated 3 years ago)
- Want to automate your or your patient's treatments in a novel way we haven't thought of? TOP APIs make it trivial to expand or change func… (☆11 · Mar 1, 2019 · Updated 7 years ago)
- Postfix Add-on for Splunk (compliant with the Mail CIM model) (☆11 · Mar 18, 2021 · Updated 4 years ago)
- 🌦️ Domain Ranker (☆16 · Sep 7, 2019 · Updated 6 years ago)
- Silk File Reader (☆14 · Mar 9, 2022 · Updated 3 years ago)
- Set of scripts to index PCAP files and retrieve packets (☆14 · Sep 10, 2015 · Updated 10 years ago)
- Go module that returns supported regions for a service or supported services for a region (☆18 · Dec 12, 2025 · Updated 2 months ago)
- Klara docker compose (☆11 · May 19, 2020 · Updated 5 years ago)
- (no description) (☆10 · Dec 28, 2015 · Updated 10 years ago)
- This package allows the use of a custom Elastalert Alert which creates alerts with observables in TheHive using TheHive4Py. (☆26 · May 18, 2021 · Updated 4 years ago)
- (no description) (☆15 · Feb 12, 2023 · Updated 3 years ago)
- A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns. (☆12 · Feb 26, 2024 · Updated 2 years ago)
- (no description) (☆12 · Jun 24, 2022 · Updated 3 years ago)
- A parser/timeline creator for auditd logs. (☆16 · Aug 5, 2014 · Updated 11 years ago)
- SIEM Use Case Selection Methodology (☆17 · Sep 18, 2020 · Updated 5 years ago)
- OpenGraph-compatible JSON generator for BloodHound (☆27 · Jan 12, 2026 · Updated last month)
- Splunk app for visualization of DMARC RUA mails (☆15 · Sep 26, 2025 · Updated 5 months ago)
- Orchestration software for incident response (☆14 · Updated this week)
- A simple IDS with statistical learning (☆11 · Apr 19, 2024 · Updated last year)