frkncelik / Sigma-Rule

Related projects ⓘ

Alternatives and complementary repositories for Sigma-Rule

• OTRF / detection-hackathon-apt29
  Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
  ☆132Updated 4 years ago
• WithSecureLabs / lazarus-sigma-rules
  ☆20Updated 4 years ago
• P4T12ICK / Sigma-Rule-Repository
  Sigma Detection Rule Repository
  ☆85Updated 4 years ago
• SCILabsMX / yaraZeekAlert
  This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…
  ☆60Updated 11 months ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆84Updated last year
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• TravisFSmith / mitre_attack
  ☆78Updated 4 years ago
• OTRF / SimuLand
  Cloud Templates and scripts to deploy mordor environments
  ☆127Updated 3 years ago
• Neo23x0 / sysmon-version-history
  An Inofficial Sysmon Version History (Change Log)
  ☆32Updated 4 years ago
• advanced-threat-research / IOCs
  Repository containing IOCs, CSV and MISP JSON from our blogs
  ☆79Updated 3 years ago
• timfrazier1 / AdversarySimulation
  Compilation of resources to help with Adversary Simulation automation harness
  ☆100Updated 4 years ago
• Th1ru-M / Windows-Threat-Hunting
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Updated 3 years ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆95Updated last year
• Insikt-Group / Research
  Research indicators and detection rules
  ☆66Updated last year
• elcabezzonn / Pcaps
  ☆38Updated 10 months ago
• Kart1keya / Hachi
  This tool maps a file's behavior on MITRE ATT&CK matrix.
  ☆57Updated 4 years ago
• 0xAnalyst / CB-Threat-Hunting
  ☆115Updated 9 months ago
• MHaggis / CBR-Queries
  Collection of useful, up to date, Carbon Black Response Queries
  ☆83Updated 4 years ago
• Beercow / SEPparser
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆63Updated last year
• krakow2600 / atomic-threat-coverage
  The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage
  ☆23Updated 5 years ago
• mitre / stockpile
  A CALDERA plugin
  ☆72Updated 3 weeks ago
• olafhartong / detection-sources
  ☆53Updated 5 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• P4T12ICK / Sigma2SplunkAlert
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆107Updated 4 years ago
• deadbits / yara-rules
  Collection of YARA signatures from individual research
  ☆42Updated last year
• Neo23x0 / evt2sigma
  Log Entry to Sigma Rule Converter
  ☆105Updated 2 years ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆98Updated 2 months ago
• jsecurity101 / Detecting-Process-Injection-Techniques
  This is a repository that is meant to hold detections for various process injection techniques.
  ☆33Updated 4 years ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆76Updated 2 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago