Generic Signature Format for SIEM Systems
☆18Jul 25, 2023Updated 2 years ago
Alternatives and similar repositories for sigma-public
Users that are interested in sigma-public are comparing it to the libraries listed below
Sorting:
- Remotely collect linux live forensics artifacts.☆14Jul 8, 2022Updated 3 years ago
- Scripts for communication with Bunitu Trojan C&Cs☆19Oct 29, 2015Updated 10 years ago
- Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.☆19Mar 13, 2022Updated 3 years ago
- ☆19Sep 2, 2018Updated 7 years ago
- ☆23Oct 9, 2024Updated last year
- ☆21Oct 16, 2021Updated 4 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Windows Thingies... but in Rust☆23Nov 12, 2022Updated 3 years ago
- Proof-of-Concept exploits for CVE-2017-11882☆41Jan 2, 2018Updated 8 years ago
- QRadar Export the rule set for printing☆23Oct 23, 2017Updated 8 years ago
- Event metadata collected across all manifest-based ETW providers on Window 10 1903☆32Nov 25, 2019Updated 6 years ago
- Prepare, Hunt, and Respond - Conceptual model against cyber attacks by JYVSECTEC☆61Jan 10, 2022Updated 4 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆70Oct 30, 2025Updated 4 months ago
- This repository will teach you got to present my talk "Security is everybody's job", a talk about DevSecOps.☆27Sep 20, 2022Updated 3 years ago
- InvestigationPlaybookSpec☆71Sep 26, 2017Updated 8 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Dec 20, 2019Updated 6 years ago
- A Splunk Technology Add-on to forward filtered ETW events.☆30Oct 14, 2020Updated 5 years ago
- ☆28Jul 5, 2025Updated 7 months ago
- Triaging Windows event logs based on SANS Poster☆47Nov 22, 2025Updated 3 months ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆37Mar 15, 2023Updated 2 years ago
- Remote access and Antivirus Logging Database☆45Apr 28, 2024Updated last year
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆40May 18, 2022Updated 3 years ago
- macOS Endpoint Security Message Analysis Tool☆47Jan 31, 2022Updated 4 years ago
- Powershell to read ETL file on an interval and convert it to an EVTX (so Windows Event Forwarding can 'subscribe')☆11May 16, 2017Updated 8 years ago
- The Wave theme for OXID eShop☆10Aug 7, 2023Updated 2 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated last year
- Minimal C port of UTF8-CPP☆12Jun 2, 2019Updated 6 years ago
- MCP Server for Contrast Security☆16Jan 26, 2026Updated last month
- Tool to identify domains containing Pinyin language☆12Oct 18, 2014Updated 11 years ago
- MagTool is software for magnetic stripe readers & writers.☆15Jan 22, 2013Updated 13 years ago
- ☆12Dec 14, 2016Updated 9 years ago
- A clone of FD (File & Directory tool) by T.Shirai☆16Jan 29, 2014Updated 12 years ago
- Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)☆44Jun 6, 2022Updated 3 years ago
- isodump - ISO dump utility☆41Jun 9, 2019Updated 6 years ago
- Log Entry to Sigma Rule Converter☆107Mar 3, 2022Updated 4 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- An example / test case of importing typescript modules located in a node_modules folder.☆10Nov 4, 2015Updated 10 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Jan 14, 2021Updated 5 years ago