Alternatives and similar repositories for sigma-rules

Users that are interested in sigma-rules are comparing it to the libraries listed below

• mlgualtieri / PurpleTeamSummit
  ☆27Updated 4 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆44Updated 4 years ago
• Retrospected / PurpleKeep
  Providing Azure pipelines to create an infrastructure and run Atomic tests.
  ☆52Updated last year
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆52Updated last year
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 5 years ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated 2 years ago
• vadim-hunter / Threat-Hunters-KB
  Threat Hunter's Knowledge Base
  ☆22Updated 3 years ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated last year
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated 2 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆55Updated 3 months ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆26Updated 5 years ago
• archanchoudhury / Threat-Hunting
  This Repository gives the best and possible strategies against hunting the ransomware
  ☆26Updated 2 years ago
• svch0stz / velociraptor-detections
  ☆22Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• yasser-alghamdi / winterfell-hunt
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆15Updated 4 years ago
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆34Updated 2 months ago
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 4 years ago
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆23Updated 9 months ago
• tsale / Intrusion_data
  This repository is created to store the artifacts for any intrusions I share publicly.
  ☆26Updated last year
• bengoerz / PurpleTeamDocs
  ☆29Updated 4 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆88Updated 2 years ago
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆86Updated 3 years ago
• DefensiveOrigins / DO-LAB
  ☆47Updated 2 months ago
• mitre / training
  A CALDERA plugin
  ☆26Updated 10 months ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 2 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆25Updated last week