SigmaHQ / pySigma-backend-elasticsearchView external linksLinks
pySigma Elasticsearch backend
☆64Updated this week
Alternatives and similar repositories for pySigma-backend-elasticsearch
Users that are interested in pySigma-backend-elasticsearch are comparing it to the libraries listed below
Sorting:
- pySigma Splunk backend☆41Feb 8, 2026Updated last week
- The Sigma command line interface based on pySigma☆176Feb 5, 2026Updated last week
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆527Feb 5, 2026Updated last week
- ☆44Nov 28, 2025Updated 2 months ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- ☆21Nov 19, 2025Updated 2 months ago
- Sigma rule specification☆172Feb 5, 2026Updated last week
- A Rust library for parsing and evaluating Sigma rules☆19Nov 26, 2025Updated 2 months ago
- Legacy Sigma Tools (sigmac etc.)☆15May 7, 2023Updated 2 years ago
- ☆17Oct 13, 2025Updated 4 months ago
- pySigma Cookiecutter backend template☆24Sep 17, 2025Updated 4 months ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆35Jan 8, 2026Updated last month
- A guide on how to write fast and memory friendly YARA rules☆164Feb 11, 2025Updated last year
- A web scraper to create MISP events and reports☆17Jun 30, 2025Updated 7 months ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 3 months ago
- MalwareAnalysis☆12Dec 19, 2020Updated 5 years ago
- CryptoWall 3.0 Ransomware Reversing Documentation & Scripts☆17Nov 24, 2020Updated 5 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆20Jul 1, 2023Updated 2 years ago
- An opensource sigma conversion tool built using pysigma☆158Updated this week
- Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool☆20Oct 2, 2020Updated 5 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆66Aug 10, 2022Updated 3 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆82Jun 9, 2025Updated 8 months ago
- ☆18May 5, 2024Updated last year
- Detection Rule License (DRL)☆21Dec 27, 2024Updated last year
- Windows EDR agent in Rust. ETW telemetry → Sigma/YARA detection → ECS alerts. User-mode, open-source, high-performance.☆57Feb 4, 2026Updated last week
- ☆15Aug 29, 2025Updated 5 months ago
- Validates Sigma rules using the JSON schema☆22Mar 18, 2024Updated last year
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆86Dec 17, 2025Updated last month
- a tiny program to consume from ETW providers for research☆54Jan 4, 2025Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆51Apr 25, 2024Updated last year
- Convert Sigma rules to SIEM queries, directly in your browser.☆110Jan 24, 2026Updated 3 weeks ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆91Nov 3, 2025Updated 3 months ago
- The home of the SDDLMaker☆28Jan 13, 2025Updated last year
- ☆23Jun 1, 2022Updated 3 years ago
- Advanced Persistent Threat Detection Using Network Analysis☆23Feb 28, 2019Updated 6 years ago
- ☆22Aug 29, 2024Updated last year
- SigmaHQ pySigma CrowdStrike processing pipeline☆27Nov 30, 2025Updated 2 months ago
- A library that injects into SpringBoard and bruteforce the 4-digit lockscreen pin.☆10Mar 24, 2015Updated 10 years ago