Yamato-Security / sigma-to-hayabusa-converterLinks
Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
☆13Updated 4 months ago
Alternatives and similar repositories for sigma-to-hayabusa-converter
Users that are interested in sigma-to-hayabusa-converter are comparing it to the libraries listed below
Sorting:
- ☆18Updated 2 months ago
- Tools and scripts to deploy and manage OpenRelik instances☆14Updated 2 weeks ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 2 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated 2 weeks ago
- ☆22Updated 8 months ago
- ☆11Updated 2 years ago
- VTC - Velociraptor Timeline Creator☆18Updated last year
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- Parser for Windows PowerShell script block logs☆13Updated 5 months ago
- ESXi Cyber Security Incident Response Script☆23Updated 9 months ago
- Hunt for SQLite files used by various applications☆26Updated last month
- Detection rule validation☆41Updated last year
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated last year
- Living off the False Positive!☆37Updated 4 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated last month
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar…☆31Updated 2 months ago
- Baseline a Windows System against LOLBAS☆27Updated last year
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Updated 4 months ago
- MS Graph Commands and Tools for Blue Teamers☆50Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆34Updated 11 months ago
- A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight,…☆20Updated 3 months ago
- Quick ESXi Log Parser☆21Updated 5 months ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.☆45Updated 2 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆52Updated 6 months ago
- A web scraper to create MISP events and reports☆16Updated this week
- A tool for fetching DFIR and other GitHub tools.☆24Updated last month
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Updated 6 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆21Updated 8 months ago
- A YARA & Malware Analysis Toolkit written in Rust.