calebstewart/python-sigma external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

calebstewart/python-sigma

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/calebstewart/python-sigma)

Close

calebstewart / python-sigmaView on GitHubMore

• External links
• Readme badge

Python API for interacting with sigma rules.

☆54Jul 1, 2022Updated 3 years ago

Alternatives and similar repositories for python-sigma

Users that are interested in python-sigma are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• calebstewart / calebstew.art

  View on GitHub
  Landing page for calebstew.art
  ☆23Dec 1, 2021Updated 4 years ago
• josh0xA / win32-iat

  View on GitHub
  Small attempt at a decent Import Address Table (IAT) Dumper
  ☆15Aug 25, 2024Updated last year
• oparkins / ignition-key.kali

  View on GitHub
  Ansible scripts to install tools and files wanted on a new Kali Machine
  ☆32Nov 22, 2019Updated 6 years ago
• calebstewart / RegistryBaseline

  View on GitHub
  Baseline/Test for persistence in common Windows Registry locations
  ☆23Jan 30, 2019Updated 7 years ago
• calebstewart / pwncat-windows-c2

  View on GitHub
  pwncat windows c2 components
  ☆22Jun 21, 2021Updated 4 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• josh0xA / DoubleAgent

  View on GitHub
  Zero-Day Code Injection and Persistence Technique
  ☆35Mar 28, 2017Updated 8 years ago
• ydkhatri / spotlight_queries

  View on GitHub
  Queries for parsed spotlight database in sqlite
  ☆13Dec 29, 2020Updated 5 years ago
• NextronSystems / velociraptor-artifacts-thor

  View on GitHub
  Thor Artifacts for Velociraptor
  ☆19Dec 2, 2025Updated 3 months ago
• seanthegeek / yaramail

  View on GitHub
  A Python package and command line utility for scanning emails with YARA rules
  ☆21Jan 23, 2026Updated 2 months ago
• Neo23x0 / yara-uuid-generator

  View on GitHub
  A tool that adds reproducible UUIDs to YARA rules
  ☆13Apr 24, 2024Updated last year
• theart42 / cves

  View on GitHub
  CVE's we discovered along the way
  ☆17Oct 18, 2021Updated 4 years ago
• Permiso-io-tools / capiche

  View on GitHub
  ☆18Feb 2, 2026Updated last month
• MatthewClarkMay / fTriage

  View on GitHub
  Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.
  ☆21Mar 12, 2019Updated 7 years ago
• MandConsultingGroup / ring3-kit

  View on GitHub
  Hides Process From Task Manager Using NT API Hooking (NtQuerySystemInformation)
  ☆81Dec 28, 2022Updated 3 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• NextronSystems / gimphash

  View on GitHub
  Imphash-like calculation on Golang binaries
  ☆49Jul 2, 2022Updated 3 years ago
• 0xHasanM / Autopsy-Registry-Explorer

  View on GitHub
  Autopsy Module to analyze Registry Hives
  ☆16Feb 18, 2022Updated 4 years ago
• matrix / hashcat-SolarWindsHack

  View on GitHub
  ☆11Dec 22, 2020Updated 5 years ago
• P4T12ICK / Sigma2SplunkAlert

  View on GitHub
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆115May 18, 2020Updated 5 years ago
• mobdk / winNoise

  View on GitHub
  Execute embedded Mimikatz
  ☆13Nov 24, 2021Updated 4 years ago
• SigmaHQ / pySigma

  View on GitHub
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆536Updated this week
• Edd13Mora / RedFlags

  View on GitHub
  ☆14Jun 29, 2023Updated 2 years ago
• AndrewRathbun / EventTranscript.db-Research

  View on GitHub
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆44Jul 18, 2022Updated 3 years ago
• JohnHammond / wfi

  View on GitHub
  Windows File Integrity -- an archive of information on installed Windows binaries.
  ☆34Aug 26, 2022Updated 3 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• Stage2Sec / sigmalint

  View on GitHub
  A simple linter for Sigma rules
  ☆13Oct 22, 2020Updated 5 years ago
• AbdulRhmanAlfaifi / Rhaegal

  View on GitHub
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆43Sep 21, 2023Updated 2 years ago
• theevilbit / DuckDockTile

  View on GitHub
  ☆17Sep 29, 2023Updated 2 years ago
• Edd13Mora / OrangeChakra

  View on GitHub
  Osint French People Location
  ☆15Jan 3, 2023Updated 3 years ago
• MarkBaggett / ese-analyst

  View on GitHub
  This is a set of tools for doing forensics analysis on Microsoft ESE databases.
  ☆129Jan 31, 2022Updated 4 years ago
• fboldewin / YARA_Detection_Engineering

  View on GitHub
  Detection Engineering with YARA
  ☆87Jan 6, 2024Updated 2 years ago
• mdecrevoisier / SIGMA-detection-rules

  View on GitHub
  Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques
  ☆416Nov 8, 2025Updated 4 months ago
• mgreen27 / DetectRaptor

  View on GitHub
  A repository to share publicly available Velociraptor detection content
  ☆196Mar 15, 2026Updated last week
• Yamato-Security / suzaku-rules

  View on GitHub
  ☆11Dec 9, 2025Updated 3 months ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• usualsuspect / yara_vt_mock

  View on GitHub
  Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing
  ☆24May 29, 2023Updated 2 years ago
• josh0xA / threadfire

  View on GitHub
  PoC Thread Execution Hijacking for Win32 Code Injection
  ☆177Aug 8, 2024Updated last year
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆791Mar 14, 2026Updated last week
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆164Nov 25, 2025Updated 4 months ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet

  View on GitHub
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆21Jul 1, 2023Updated 2 years ago
• SigmaHQ / sigma-specification

  View on GitHub
  Sigma rule specification
  ☆174Feb 5, 2026Updated last month
• binalyze / tigma

  View on GitHub
  Sigma Engine implementation in TypeScript
  ☆28Mar 5, 2023Updated 3 years ago