Alternatives and similar repositories for SigGen

Users that are interested in SigGen are comparing it to the libraries listed below

• dandye / adk_runbooks
  ☆41Updated 2 weeks ago
• OTRF / GenAI-Security-Adventures
  ☆105Updated last year
• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆113Updated 9 months ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆82Updated last year
• Cyb3rWard0g / IntelRAGU
  Intel Retrieval Augmented Generation (RAG) Utilities
  ☆90Updated last year
• anvilogic-forge / armory
  Anvilogic Forge
  ☆104Updated last week
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆82Updated last month
• runreveal / sigmalite
  ☆44Updated 4 months ago
• AppOmni-Labs / event-maturity-matrix
  The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l…
  ☆21Updated 3 weeks ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆46Updated 2 months ago
• mitre / emu
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆31Updated 4 months ago
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆131Updated last month
• SigmaHQ / cookiecutter-pySigma-backend
  pySigma Cookiecutter backend template
  ☆24Updated 4 months ago
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆89Updated last year
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆164Updated 4 months ago
• threat-punter / detection-as-code-example
  A POC to implement Detection-as-Code with Terraform and Sumo Logic.
  ☆29Updated last year
• korniko98 / pivot-atlas
  ☆92Updated 2 months ago
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆91Updated this week
• jshlbrd / detection-engineering-pocket-guide
  pocket guide for core detection engineering concepts
  ☆29Updated 2 years ago
• muchdogesec / txt2stix
  Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.
  ☆61Updated this week
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆75Updated last year
• certeu / droid
  A pySigma wrapper to manage detection rules.
  ☆40Updated last week
• opencybersecurityalliance / kestrel-huntbook
  This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)
  ☆33Updated last year
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆38Updated last year
• k-bailey / detection-engineering-maturity-matrix
  ☆95Updated 2 years ago
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆68Updated 2 months ago
• format81 / GenAI-STIX2.1-Generator
  GenAI-STIX2.1-Generator is a tool that leverages Azure OpenAI capabilities to transform threat intelligence reports from unstructured web…
  ☆16Updated 3 months ago
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆186Updated 10 months ago
• the2dl / SSDT
  Stupid Simple Detection Testing
  ☆13Updated last year