Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
☆16Oct 22, 2025Updated 4 months ago
Alternatives and similar repositories for sigma-to-hayabusa-converter
Users that are interested in sigma-to-hayabusa-converter are comparing it to the libraries listed below
- ☆21Nov 19, 2025Updated 4 months ago
- ☆11Dec 9, 2025Updated 3 months ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated last year
- Sample evtx files to use for testing hayabusa detection rules☆65Nov 5, 2025Updated 4 months ago
- A Rust library for parsing and evaluating Sigma rules☆19Nov 26, 2025Updated 3 months ago
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- Takajō (鷹匠) is a Hayabusa results analyzer.☆153Feb 23, 2026Updated 3 weeks ago
- ☆23Oct 9, 2024Updated last year
- A Windows Event Log MCP☆42Aug 25, 2025Updated 6 months ago
- Harness the power of Splunk for your investigations☆158Oct 11, 2025Updated 5 months ago
- Windows Event Log Knowledge Base☆31Dec 23, 2025Updated 2 months ago
- This crate provides functions for working with IPv4 CIDRs and IPv6 CIDRs.☆33Dec 26, 2025Updated 2 months ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆214Mar 1, 2026Updated 2 weeks ago
- Windows Event Log Auditor☆92Updated this week
- ☆25Feb 13, 2021Updated 5 years ago
- Autopsy Module to analyze Registry Hives☆16Feb 18, 2022Updated 4 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆87Mar 11, 2026Updated last week
- Sigma detection rules for hunting with the threathunting-keywords project☆58Mar 2, 2025Updated last year
- PowerShell Script Analyzer☆69Oct 26, 2023Updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Jun 27, 2025Updated 8 months ago
- This is the one-stop place where you can find several detection rules which can help you kick-start your journey in SIEM and SOC work.☆42Jun 27, 2021Updated 4 years ago
- Field guide to gather low-hanging fruits☆14Mar 20, 2025Updated last year
- DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, Plaso, $MFT, and $J files with built-in process inspect…☆213Updated this week
- List of companies in Japan that use Nix☆11Mar 28, 2025Updated 11 months ago
- Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086)☆25Oct 12, 2021Updated 4 years ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆171Dec 7, 2025Updated 3 months ago
- ☆12Feb 1, 2022Updated 4 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- Nancy - Nim fancy ANSI tables☆56May 5, 2023Updated 2 years ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆35Jan 8, 2026Updated 2 months ago
- Palo Alto Networks PAN-OS authentication bypass vulnerability batch detection script (CVE-2025-0108)☆32Apr 1, 2025Updated 11 months ago
- Basically a KrabsETW rip-off written in Rust☆87Oct 20, 2025Updated 5 months ago
- Different code-injections techniques under a common tool☆30May 3, 2020Updated 5 years ago
- A Dark theme for VS Code☆13Apr 1, 2021Updated 4 years ago
- ☆19Sep 26, 2025Updated 5 months ago
- WaniCTF 2020 official writeup & source code☆11Oct 18, 2021Updated 4 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆24Oct 9, 2024Updated last year
- CVE-2023-20273 Exploit PoC☆14Apr 1, 2024Updated last year