pySigma Elasticsearch backend
☆64Feb 19, 2026Updated 2 weeks ago
Alternatives and similar repositories for pySigma-backend-elasticsearch
Users that are interested in pySigma-backend-elasticsearch are comparing it to the libraries listed below
Sorting:
- The Sigma command line interface based on pySigma☆178Feb 5, 2026Updated last month
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆534Feb 15, 2026Updated 3 weeks ago
- ☆44Nov 28, 2025Updated 3 months ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- ☆21Nov 19, 2025Updated 3 months ago
- Sigma rule specification☆172Feb 5, 2026Updated last month
- A Rust library for parsing and evaluating Sigma rules☆19Nov 26, 2025Updated 3 months ago
- Legacy Sigma Tools (sigmac etc.)☆16May 7, 2023Updated 2 years ago
- ☆17Oct 13, 2025Updated 4 months ago
- pySigma Cookiecutter backend template☆24Sep 17, 2025Updated 5 months ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆35Jan 8, 2026Updated 2 months ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 4 months ago
- MalwareAnalysis☆12Dec 19, 2020Updated 5 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆20Jul 1, 2023Updated 2 years ago
- An opensource sigma conversion tool built using pysigma☆161Feb 9, 2026Updated last month
- Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool☆20Oct 2, 2020Updated 5 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆66Aug 10, 2022Updated 3 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆82Jun 9, 2025Updated 9 months ago
- ☆18May 5, 2024Updated last year
- ☆16Aug 29, 2025Updated 6 months ago
- Detection Rule License (DRL)☆21Dec 27, 2024Updated last year
- Validates Sigma rules using the JSON schema☆22Mar 18, 2024Updated last year
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆87Dec 17, 2025Updated 2 months ago
- a tiny program to consume from ETW providers for research☆54Jan 4, 2025Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆51Apr 25, 2024Updated last year
- Convert Sigma rules to SIEM queries, directly in your browser.☆111Jan 24, 2026Updated last month
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆92Nov 3, 2025Updated 4 months ago
- ☆23Jun 1, 2022Updated 3 years ago
- The home of the SDDLMaker☆28Jan 13, 2025Updated last year
- ☆22Aug 29, 2024Updated last year
- Advanced Persistent Threat Detection Using Network Analysis☆23Feb 28, 2019Updated 7 years ago
- A library that injects into SpringBoard and bruteforce the 4-digit lockscreen pin.☆10Mar 24, 2015Updated 10 years ago
- Rust Windows EDR (user-mode, no driver): ETW → Sysmon-style normalization → Sigma/Yara/IOC detection → ECS NDJSON alerts.☆71Updated this week
- Rules generated from our investigations.☆204Jun 17, 2025Updated 8 months ago
- SigmaHQ pySigma CrowdStrike processing pipeline☆28Nov 30, 2025Updated 3 months ago
- Kibana 6 Templates for Suricata IDPS Threat Hunting☆24Mar 5, 2019Updated 7 years ago
- Yet Another Memory Analyzer for malware detection and Guarding Operations with YARA and SIGMA☆81Nov 19, 2025Updated 3 months ago
- A mapping of used malware names to commonly known family names☆62Feb 21, 2023Updated 3 years ago