A collection of Sigma rules organized by MITRE ATT&CK technique
☆18Apr 1, 2026Updated last week
Alternatives and similar repositories for sigma-rules
Users that are interested in sigma-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Sigma Detection Rule Repository☆93Jun 18, 2020Updated 5 years ago
- RenameLocalVars is an IDA plugin that renames local variables to something easier to read.☆15Jul 9, 2023Updated 2 years ago
- A collection of pcaps☆16Jul 5, 2015Updated 10 years ago
- Alternative password shadowing scheme☆10Feb 22, 2026Updated last month
- ☆11Feb 9, 2023Updated 3 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- PyGotham 2017: Spark Streaming for World Domination (and other projects)☆10Oct 5, 2017Updated 8 years ago
- 🌌 Real-time threat detection for smart contracts☆10May 16, 2023Updated 2 years ago
- SIEM Detection Use Case Library mapped to MITRE ATT&CK tactics and techniques☆12Oct 28, 2018Updated 7 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆28Apr 12, 2020Updated 5 years ago
- Event Query Router☆12Aug 9, 2019Updated 6 years ago
- ☆33Apr 7, 2020Updated 6 years ago
- Rules generated from our investigations.☆207Jun 17, 2025Updated 9 months ago
- Continuous External Attack Surface Discovery & Vulnerability Scanning Across AWS Organizations — Python CDK☆13Mar 6, 2026Updated last month
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Apr 10, 2024Updated 2 years ago
- Legacy password hashing framework for PHP applications needing to support or having previously supported PHP below 5.5☆16Nov 22, 2024Updated last year
- Certipy in Docker☆13Mar 28, 2024Updated 2 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆422Nov 8, 2025Updated 5 months ago
- Generate representative samples from Pwned Passwords (HIBP)☆11Jan 6, 2022Updated 4 years ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆215Apr 1, 2026Updated last week
- Command line tool for analyzing .json files generated by bloodhound.py or sharphound for use in Bloodhound.☆20Jan 12, 2019Updated 7 years ago
- Perform file-based malware scan on your on-prem servers with AWS☆14Oct 31, 2023Updated 2 years ago
- A triage data collection script for macOS☆29Nov 27, 2020Updated 5 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆21May 8, 2022Updated 3 years ago
- Java DNS Post Exploitation Tool☆11Jul 21, 2024Updated last year
- A simple linter for Sigma rules☆13Oct 22, 2020Updated 5 years ago
- ☆19Jun 16, 2021Updated 4 years ago
- Test Suite for John the Ripper☆26Dec 28, 2025Updated 3 months ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- Small container runtime for threat detection☆14Apr 13, 2025Updated 11 months ago
- Script to retrieve the list of AWS Services and their one-line descriptions☆37Dec 25, 2020Updated 5 years ago
- Implementation of bcrypt password hashing scheme☆12Jan 11, 2021Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ONYX: Cisco Automated Assessment and Auditing Tool (CAAAT). An open-source tool that automatically assesses and audits Cisco IOS routers …☆21May 6, 2025Updated 11 months ago
- Federated Office365 user enumeration based on correlated response trend analysis☆49May 3, 2022Updated 3 years ago
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated last year
- Threat Detection Rules (Snort/Sigma/Yara)☆14Jan 23, 2024Updated 2 years ago
- Wordpress Plugins Scanner it's a semi-automatic white box pentesting/crawler app for WP plugins using RIPS from OWASP.☆14Aug 6, 2013Updated 12 years ago
- Collection of my Security Blueprints & Guides☆52Oct 2, 2025Updated 6 months ago
- 威胁检测规则集☆15Jul 5, 2019Updated 6 years ago