Yamato-Security / sigma-to-hayabusa-converter
Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
☆16 · Oct 22, 2025 · Updated 3 months ago
Alternatives and similar repositories for sigma-to-hayabusa-converter
Users that are interested in sigma-to-hayabusa-converter are comparing it to the libraries listed below
- ☆21 · Nov 19, 2025 · Updated 2 months ago
- Sample evtx files to use for testing hayabusa detection rules ☆64 · Nov 5, 2025 · Updated 3 months ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use. ☆11 · Apr 22, 2024 · Updated last year
- ☆11 · Dec 9, 2025 · Updated 2 months ago
- A dataset with CloudTrail events from an attack simulation using Stratus. ☆24 · Jul 12, 2023 · Updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them ☆34 · Jun 27, 2025 · Updated 7 months ago
- Autopsy Module to analyze Registry Hives ☆16 · Feb 18, 2022 · Updated 4 years ago
- A Rust library for parsing and evaluating Sigma rules ☆19 · Nov 26, 2025 · Updated 2 months ago
- ☆10 · Jan 28, 2025 · Updated last year
- Windows Event Log Auditor ☆88 · Updated this week
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor. ☆20 · Nov 28, 2023 · Updated 2 years ago
- ☆18 · Apr 4, 2019 · Updated 6 years ago
- An ongoing curated collection of awesome software, libraries, frameworks, talks & videos, best practices, learning tutorials and importan… ☆21 · Jul 29, 2022 · Updated 3 years ago
- ☆27 · Jul 13, 2025 · Updated 7 months ago
- Takajō (鷹匠) is a Hayabusa results analyzer. ☆151 · Feb 1, 2026 · Updated 2 weeks ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆86 · Dec 17, 2025 · Updated 2 months ago
- ☆23 · Oct 9, 2024 · Updated last year
- Harness the power of Splunk for your investigations ☆152 · Oct 11, 2025 · Updated 4 months ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. ☆214 · Updated this week
- Manage Your Large Team of Consultants ☆11 · Sep 18, 2025 · Updated 5 months ago
- Quick ESXi Log Parser ☆29 · Oct 20, 2025 · Updated 3 months ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆58 · Mar 2, 2025 · Updated 11 months ago
- Tools and script for my remnux/sift installation ☆23 · Feb 7, 2026 · Updated last week
- Batch detection script for the Palo Alto Networks PAN-OS authentication bypass vulnerability (CVE-2025-0108) ☆32 · Apr 1, 2025 · Updated 10 months ago
- Captive Portal service with SMS auth for pfsense ☆24 · Sep 21, 2021 · Updated 4 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos. ☆27 · Jun 3, 2018 · Updated 7 years ago
- Forensic framework to build tools that can be reused in multiple projects without changing anything ☆32 · Oct 17, 2025 · Updated 4 months ago
- Windows Event Log Knowledge Base ☆29 · Dec 23, 2025 · Updated last month
- Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086) ☆25 · Oct 12, 2021 · Updated 4 years ago
- Yet Another Memory Analyzer for malware detection and Guarding Operations with YARA and SIGMA ☆81 · Nov 19, 2025 · Updated 2 months ago
- Different code-injections techniques under a common tool ☆30 · May 3, 2020 · Updated 5 years ago
- A Windows Event Log MCP ☆40 · Aug 25, 2025 · Updated 5 months ago
- Migrate team-managed project issues between two JIRA Cloud accounts ☆12 · Nov 12, 2024 · Updated last year
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database. ☆64 · Dec 21, 2022 · Updated 3 years ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists ☆35 · Jan 8, 2026 · Updated last month
- Convert Sigma rules to Wazuh rules ☆73 · Sep 13, 2025 · Updated 5 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise ☆68 · Apr 29, 2024 · Updated last year
- ☆25 · Feb 13, 2021 · Updated 5 years ago
- Security Content for the PEAK Threat Hunting Framework ☆40 · Feb 15, 2024 · Updated 2 years ago