Knowing which rule should trigger according to the redcannary test
☆11Nov 23, 2024Updated last year
Alternatives and similar repositories for sigma_redcanaryco
Users that are interested in sigma_redcanaryco are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Bring Your Own Mitre Att&ck © Matrix !☆13Oct 19, 2023Updated 2 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆50Sep 1, 2023Updated 2 years ago
- Sigma rules converted for direct use with Zircolite☆15Updated this week
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆32May 21, 2026Updated 3 weeks ago
- Detection Rule License (DRL)☆21Dec 27, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- MISP to Splunk Enterprise Security Theat Intelligence Framework Integration☆14Jul 11, 2023Updated 2 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- Volatility, on Docker 🐳☆41Nov 20, 2025Updated 6 months ago
- Legacy Sigma Tools (sigmac etc.)☆17May 7, 2023Updated 3 years ago
- https://academy.tcm-sec.com/☆15May 10, 2026Updated last month
- PowerShell wrapper for the SentinelOne API☆11Jan 4, 2025Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project☆60Mar 2, 2025Updated last year
- Stupid Simple Detection Testing☆13Mar 7, 2024Updated 2 years ago
- An open-source computer forensics tool that can display summary as the result of Windows Event Log analysis based on the chosen function(…☆11Feb 2, 2023Updated 3 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Repository for Ludus french templates☆26Mar 1, 2026Updated 3 months ago
- QRadar Export the rule set for printing☆23Oct 23, 2017Updated 8 years ago
- ☆14Jan 2, 2025Updated last year
- ☆43May 22, 2021Updated 5 years ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆25Aug 12, 2019Updated 6 years ago
- Pushes Sysmon Configs☆91Jun 11, 2021Updated 5 years ago
- Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing☆24May 29, 2023Updated 3 years ago
- Scripts and lists to help generate YARA friendly string mutations☆22Apr 9, 2023Updated 3 years ago
- Look into EDR events from network☆25Nov 20, 2025Updated 6 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆34Oct 16, 2025Updated 8 months ago
- ☆20Mar 26, 2026Updated 2 months ago
- pySigma Splunk backend☆43Mar 22, 2026Updated 2 months ago
- Explore how Unix-like OS (Linux, BSD, macOS...) modify MACB timestamps and check against POSIX (non-)compliance☆18Oct 14, 2024Updated last year
- Living Off Security Tools☆63Nov 23, 2025Updated 6 months ago
- The Sigma command line interface based on pySigma☆192May 10, 2026Updated last month
- ☆18Oct 13, 2025Updated 8 months ago
- THOR Thunderstorm Collectors☆27Jun 3, 2026Updated last week
- Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at ht…☆24May 13, 2026Updated last month
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- [Moved to Codeberg] Tools for inspecting YARA bytecode☆22Jul 1, 2020Updated 5 years ago
- This Repository Talks about the Follina MSDT from Defender Perspective☆38Jun 2, 2022Updated 4 years ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆95Nov 3, 2025Updated 7 months ago
- Lazarus analysis tools and research report☆59Dec 22, 2023Updated 2 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆24Mar 30, 2026Updated 2 months ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆40May 18, 2022Updated 4 years ago
- enpoint detection / live analysis & sandbox host / signatures quality test☆44Apr 22, 2021Updated 5 years ago