Alternatives and similar repositories for python-sigma:

Users that are interested in python-sigma are comparing it to the libraries listed below

• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆87Updated last year
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 3 years ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆92Updated 2 years ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆26Updated 11 months ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆67Updated last month
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆67Updated last month
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆80Updated 2 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆98Updated last month
• PlumHound / PlumHound-Tasks
  Community Tasks/Plans for PlumHound Queueing
  ☆23Updated 2 years ago
• mvelazc0 / PurpleTeamPlaybook
  Active Directory Purple Team Playbook
  ☆106Updated last year
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆76Updated last year
• zaneGittins / Huntress
  PowerShell tool to triage systems
  ☆12Updated last year
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Updated 3 years ago
• jckhmr / adlab
  ☆77Updated 5 years ago
• DefensiveOrigins / DO-LAB
  ☆46Updated 2 weeks ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆51Updated last year
• M3NIX / sigmaio
  simple webapp for converting sigma rules into siem queries using the pySigma library
  ☆47Updated last year
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 11 months ago
• Neo23x0 / tiny-shells
  All kinds of tiny shells
  ☆58Updated 2 years ago
• rj-chap / ransomware_tips
  Random tips and tricks RE: ransomware
  ☆14Updated 3 years ago
• slaughterjames / excelpeek
  ☆38Updated 3 years ago
• DefensiveOrigins / DomainBuildScripts
  Build a domain with three quick PowerShell scripts!
  ☆29Updated 4 years ago
• clr2of8 / TellTail
  A tool to display Windows Event logs as they happen.
  ☆12Updated last year
• swimlane / atomic-operator
  A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
  ☆137Updated 8 months ago
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 5 years ago
• HuskyHacks / MalAPIReader
  Reads and prints information from the website MalAPI.io
  ☆38Updated 3 years ago
• DefensiveOrigins / Training
  Defensive Origins Training Schedule
  ☆38Updated last year
• CrowdStrike / xwf-yara-scanner
  ☆86Updated last year