A collection of Sigma rules organized by MITRE ATT&CK technique
☆18Apr 1, 2026Updated last month
Alternatives and similar repositories for sigma-rules
Users that are interested in sigma-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Sigma Detection Rule Repository☆93Jun 18, 2020Updated 5 years ago
- Sigma rules from Joe Security☆239Nov 4, 2024Updated last year
- A simple Docker container that serves the MITRE ATT&CK Navigator web app☆27Apr 23, 2023Updated 3 years ago
- Alternative password shadowing scheme☆10Feb 22, 2026Updated 3 months ago
- 🌌 Real-time threat detection for smart contracts☆10May 16, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆27Apr 12, 2020Updated 6 years ago
- Event Query Router☆12Aug 9, 2019Updated 6 years ago
- ☆36Nov 26, 2024Updated last year
- Rules generated from our investigations.☆208Jun 17, 2025Updated 11 months ago
- Continuous External Attack Surface Discovery & Vulnerability Scanning Across AWS Organizations — Python CDK☆14Mar 6, 2026Updated 2 months ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- ETHICAL-HACKING☆13Dec 20, 2023Updated 2 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Apr 10, 2024Updated 2 years ago
- Certipy in Docker☆13Mar 28, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Legacy password hashing framework for PHP applications needing to support or having previously supported PHP below 5.5☆15Nov 22, 2024Updated last year
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆431May 9, 2026Updated last week
- Generate representative samples from Pwned Passwords (HIBP)☆11Jan 6, 2022Updated 4 years ago
- Perform file-based malware scan on your on-prem servers with AWS☆14Oct 31, 2023Updated 2 years ago
- A triage data collection script for macOS☆30Nov 27, 2020Updated 5 years ago
- Queries for Carbon Black Response☆11Feb 11, 2020Updated 6 years ago
- ☆21May 8, 2022Updated 4 years ago
- Java DNS Post Exploitation Tool☆11Jul 21, 2024Updated last year
- A simple linter for Sigma rules☆13Oct 22, 2020Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- ☆18Jun 16, 2021Updated 4 years ago
- AMSI Bypass for powershell☆30Apr 26, 2022Updated 4 years ago
- Test Suite for John the Ripper☆26Dec 28, 2025Updated 4 months ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- Small container runtime for threat detection☆14Apr 13, 2025Updated last year
- Script to retrieve the list of AWS Services and their one-line descriptions☆37Dec 25, 2020Updated 5 years ago
- Cloud threat detection visualization from excalidraw☆12Apr 25, 2022Updated 4 years ago
- ONYX: Cisco Automated Assessment and Auditing Tool (CAAAT). An open-source tool that automatically assesses and audits Cisco IOS routers …☆21May 6, 2025Updated last year
- Implementation of bcrypt password hashing scheme☆13Jan 11, 2021Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Federated Office365 user enumeration based on correlated response trend analysis☆49May 3, 2022Updated 4 years ago
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated 2 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- ☆22Jun 21, 2022Updated 3 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆14Jan 23, 2024Updated 2 years ago
- Wordpress Plugins Scanner it's a semi-automatic white box pentesting/crawler app for WP plugins using RIPS from OWASP.☆14Aug 6, 2013Updated 12 years ago
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year