Alternatives and similar repositories for vscode-sigma

Users that are interested in vscode-sigma are comparing it to the libraries listed below

• hillu / yara-rules-re

  View on GitHub
  Tools for inspecting YARA bytecode
  ☆21Jul 1, 2020Updated 5 years ago
• NextronSystems / iocs

  View on GitHub
  Indicators of compromise from to analysis and research by Nextron Threat Research team
  ☆12Sep 17, 2025Updated 4 months ago
• MHaggis / SequelEyes

  View on GitHub
  SQL, IIS, Oh My...
  ☆22Feb 24, 2025Updated 11 months ago
• AttackIQ / SigmAIQ

  View on GitHub
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆91Nov 3, 2025Updated 3 months ago
• Neo23x0 / cyber-chef-recipes

  View on GitHub
  Recipes for GCHQ's CyberChef Web App
  ☆39Nov 15, 2018Updated 7 years ago
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 3 years ago
• frack113 / sigma_redcanaryco

  View on GitHub
  Knowing which rule should trigger according to the redcannary test
  ☆11Nov 23, 2024Updated last year
• cado-security / MalwareAnalysis

  View on GitHub
  MalwareAnalysis
  ☆12Dec 19, 2020Updated 5 years ago
• nasbench / procmon-malware-analysis-filters

  View on GitHub
  Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
  ☆20Oct 2, 2020Updated 5 years ago
• SigmaHQ / sigma-rules-validator

  View on GitHub
  Validates Sigma rules using the JSON schema
  ☆22Mar 18, 2024Updated last year
• Recruit-CSIRT / LinuxTriage

  View on GitHub
  R-CSIRT Linux Triage tool
  ☆39Jun 28, 2018Updated 7 years ago
• NextronSystems / evtx-baseline

  View on GitHub
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆86Dec 17, 2025Updated last month
• trustedsec / VerifyELF

  View on GitHub
  ☆26May 6, 2024Updated last year
• janstarke / ntdsextract2

  View on GitHub
  This aims to be a collection of tools to forensically analyze Active Directory databases
  ☆26Jun 11, 2025Updated 8 months ago
• SigmaHQ / pySigma-backend-elasticsearch

  View on GitHub
  pySigma Elasticsearch backend
  ☆64Updated this week
• RomaissaAdjailia / Get-AppLockerEventlog

  View on GitHub
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Aug 6, 2022Updated 3 years ago
• avast / yls

  View on GitHub
  YARA Language Server
  ☆75Feb 3, 2026Updated last week
• cmdaltr / elrond

  View on GitHub
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆32Nov 23, 2025Updated 2 months ago
• center-for-threat-informed-defense / attack-powered-suit

  View on GitHub
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆82Jun 9, 2025Updated 8 months ago
• MISP / misp-compliance

  View on GitHub
  Legal, procedural and policies document templates for operating MISP and information sharing communities
  ☆38Jan 31, 2023Updated 3 years ago
• defensivedepth / osquery-filters

  View on GitHub
  ☆34Aug 8, 2023Updated 2 years ago
• Squiblydoo / certReport

  View on GitHub
  A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.
  ☆38Dec 22, 2025Updated last month
• magicsword-io / sigconverter.io

  View on GitHub
  An opensource sigma conversion tool built using pysigma
  ☆158Updated this week
• zacbrown / PowerShellMethodAuditor

  View on GitHub
  PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
  ☆37Sep 19, 2017Updated 8 years ago
• sumeshi / evtx2es

  View on GitHub
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆86Jun 23, 2025Updated 7 months ago
• fox-it / cisco-ios-xe-implant-detection

  View on GitHub
  Cisco IOS XE implant scanning & detection (CVE-2023-20198, CVE-2023-20273)
  ☆41Nov 7, 2023Updated 2 years ago
• SigmaHQ / sigma-cli

  View on GitHub
  The Sigma command line interface based on pySigma
  ☆176Feb 5, 2026Updated last week
• CIRCL / forensic-tools

  View on GitHub
  CIRCL system forensic tools or a jumble of tools to support forensic
  ☆41Jan 20, 2023Updated 3 years ago
• Neo23x0 / YARA-Performance-Guidelines

  View on GitHub
  A guide on how to write fast and memory friendly YARA rules
  ☆164Feb 11, 2025Updated last year
• AdamMOdell / OSINT-equals-star

  View on GitHub
  OSINT=*, Chrome extension that searches all the threat feeds
  ☆11Dec 5, 2021Updated 4 years ago
• makitos666 / MFT_Fast_Transcoder

  View on GitHub
  MFT Fast Transcoder is a fast forensic tool to analyze MFT of NTFS partitions.
  ☆12Feb 27, 2023Updated 2 years ago
• Sh3llyR / yaraScanParser

  View on GitHub
  ☆11Apr 25, 2021Updated 4 years ago
• serializingme / gpo-bypass

  View on GitHub
  GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example.
  ☆14Jan 28, 2023Updated 3 years ago
• Brandon-Everhart / Practical-Malware-Analysis

  View on GitHub
  Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.
  ☆12Oct 28, 2017Updated 8 years ago
• Neo23x0 / YARA-rules

  View on GitHub
  Some YARA rules i will add from time to time
  ☆12May 31, 2019Updated 6 years ago
• alternat0r / training-basic-malware-analysis

  View on GitHub
  In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…
  ☆12May 25, 2016Updated 9 years ago
• cipher387 / hashtags_and_keywords_social_media_quick_search

  View on GitHub
  Tool of the buttons for quick search keywords ans hashtags in 70 different social media platforms
  ☆46Sep 7, 2023Updated 2 years ago
• CIRCL / yara-validator

  View on GitHub
  Validates yara rules and tries to repair the broken ones.
  ☆41Sep 5, 2020Updated 5 years ago
• Velocidex / evtx

  View on GitHub
  Golang Parser for Microsoft Event Logs
  ☆106Nov 7, 2025Updated 3 months ago