☆19Oct 23, 2020Updated 5 years ago
Alternatives and similar repositories for lazarus-sigma-rules
Users that are interested in lazarus-sigma-rules are comparing it to the libraries listed below
Sorting:
- ☆10Dec 24, 2022Updated 3 years ago
- Links to malware-related YARA rules☆15Sep 29, 2022Updated 3 years ago
- A collection of Sigma rules organized by MITRE ATT&CK technique☆18Jul 26, 2021Updated 4 years ago
- Volatility 3 Plugins☆21Oct 3, 2022Updated 3 years ago
- This repository hosts community contributed Kestrel analytics☆18May 28, 2024Updated last year
- ☆23Dec 15, 2022Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆159Mar 10, 2025Updated 11 months ago
- Sigma Detection Rule Repository☆92Jun 18, 2020Updated 5 years ago
- ☆64Apr 1, 2021Updated 4 years ago
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana☆10Aug 17, 2018Updated 7 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules☆10Feb 5, 2021Updated 5 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Jan 14, 2021Updated 5 years ago
- ☆98Oct 7, 2020Updated 5 years ago
- ☆11Oct 3, 2019Updated 6 years ago
- Open source HIDS tailored for Microsoft Windows and Active Directory☆29Feb 13, 2026Updated 2 weeks ago
- Sys Mon! Why yu nuh logging dat?☆12Dec 10, 2018Updated 7 years ago
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 3 years ago
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- You can access the sigma rules to detect malicious activities. It is organized by Mitre Att&ck categories.☆13Feb 7, 2022Updated 4 years ago
- All-in-one bundle of MISP, TheHive and Cortex☆169Sep 27, 2022Updated 3 years ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆37Jan 2, 2024Updated 2 years ago
- Tool to rip system and user data from OSX and macOS☆16Dec 6, 2022Updated 3 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆63May 30, 2025Updated 9 months ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- Run TTPs, with AI!☆71Feb 23, 2026Updated last week
- ☆14Mar 9, 2023Updated 2 years ago
- Indicator of Compromise Scanner for CVE-2019-19781☆58Mar 25, 2020Updated 5 years ago
- Sigma rules from Joe Security☆232Nov 4, 2024Updated last year
- Adversary Simulation Framework☆38Aug 19, 2025Updated 6 months ago
- Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.☆23Dec 13, 2018Updated 7 years ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆40Apr 8, 2021Updated 4 years ago
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations☆46Nov 1, 2021Updated 4 years ago
- Visualize Microsoft Defender XDR process trees and security events☆33Aug 24, 2025Updated 6 months ago
- ☆18Mar 26, 2024Updated last year
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆42Sep 21, 2023Updated 2 years ago
- Basic tutorials for reverse engineer with radare2☆60Mar 17, 2019Updated 6 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20May 25, 2022Updated 3 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago