A Compiler from Sigma rules to VQL
☆19, May 18, 2026, updated 3 weeks ago
Alternatives and similar repositories for velociraptor-sigma-rules
Users that are interested in velociraptor-sigma-rules are comparing it to the libraries listed below.
- Publicly shareable windows event log message data (☆29, Nov 29, 2019, updated 6 years ago)
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab. (☆22, Apr 16, 2021, updated 5 years ago)
- Continuous Threat Exposure Management Maturity Model (CTEMMM) (☆33, Feb 6, 2026, updated 4 months ago)
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use. (☆80, Jan 6, 2026, updated 5 months ago)
- Visualize Microsoft Defender XDR process trees and security events (☆33, Aug 24, 2025, updated 9 months ago)
- Scapy hands-on at #GreHack17 (☆17, Nov 14, 2017, updated 8 years ago)
- Placeholder for my detection repo and misc detection engineering content (☆42, Oct 20, 2023, updated 2 years ago)
- A companion Github repo for the book - Threat Hunting macOS by Jaron Bradley (☆21, Jul 26, 2025, updated 10 months ago)
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis (☆29, Aug 6, 2025, updated 10 months ago)
- Detection in the form of Yara, Snort and ClamAV signatures. (☆253, Nov 1, 2024, updated last year)
- A collection of my yara rules (☆34, Jul 11, 2023, updated 2 years ago)
- This repository contains various threat hunting tools written in Python and is documented in the series Python Threat Hunting Tools which… (☆19, Nov 16, 2023, updated 2 years ago)
- Documentation site for Velociraptor (☆71, updated this week)
- Python client for DFIR-IRIS (☆26, Aug 19, 2024, updated last year)
- Personal Storage Table implementation in Go/Golang (☆38, Jun 6, 2026, updated last week)
- PyVelociraptor contains the python bindings for the Velociraptor API. (☆23, May 5, 2026, updated last month)
- Sysmon configuration file templates with advanced event tracing and blocking (☆58, May 8, 2026, updated last month)
- Collection of scripts provided for public use (☆43, May 19, 2026, updated 3 weeks ago)
- A specification and style guide for YARA rules (☆74, Feb 17, 2024, updated 2 years ago)
- YARA rule analyzer to improve rule quality and performance (☆114, Jun 4, 2026, updated last week)
- (☆44, Jul 11, 2025, updated 11 months ago)
- Standalone Go implementation of Metasploit's "db_nmap" and "db_import" commands. (☆19, Nov 6, 2024, updated last year)
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch (☆37, Feb 2, 2022, updated 4 years ago)
- Service to convert nfcapd files to ClickHouse as they are created (☆10, Mar 22, 2025, updated last year)
- A repository to share publicly available Velociraptor detection content (☆203, updated this week)
- Zero-dependency Linux memory forensics PoC — leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external d… (☆160, Jun 7, 2026, updated last week)
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro… (☆10, Mar 2, 2018, updated 8 years ago)
- Block ads and malicious domains with response policy zones (☆12, Jun 10, 2020, updated 6 years ago)
- Fork of Microsoft's fork of OpenOCD - this one being with Tamarin support and pre-built binaries. (☆17, May 24, 2025, updated last year)
- Fully Randomized Pointers (☆19, Jun 10, 2025, updated last year)
- Auxiliary scripts for Incident Response with ELK (☆11, Oct 7, 2015, updated 10 years ago)
- Netwitness Maltego integration Project (☆18, May 9, 2017, updated 9 years ago)
- Function ID for Malware Analysis (☆13, Jul 6, 2020, updated 5 years ago)
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit. (☆13, Sep 9, 2020, updated 5 years ago)
- A command-line tool and Python library for parsing Windows Master File Table ($MFT) and importing the results into Elasticsearch. (☆13, Jun 3, 2026, updated last week)
- My collection of scripts for Ghidra (https://github.com/NationalSecurityAgency/ghidra) (☆10, Sep 13, 2020, updated 5 years ago)
- Pure Python netflow and DNS correlation, with reusable Frame Streams, DnsTap and Protobuf implementations (☆17, Aug 30, 2025, updated 9 months ago)
- An API connector for the Office 365 Management API and the Elastic Stack (☆19, Aug 9, 2018, updated 7 years ago)
- A modular asset discovery framework written in Python to automate the repeating manual work (☆68, May 30, 2026, updated 2 weeks ago)