An index of publicly available and open-source threat detection rulesets.
☆136 · Apr 17, 2025 · Updated last year
Alternatives and similar repositories for Rulehound
Users that are interested in Rulehound are comparing it to the libraries listed below.
- An OpenAI API Compatible Honeypot Gateway ☆26 · Mar 17, 2025 · Updated last year
- Convert Sigma rules to SIEM queries, directly in your browser. ☆116 · Jun 2, 2026 · Updated last week
- Web Server Vulnerability Scanning Tool ☆37 · Mar 11, 2025 · Updated last year
- PoC shadow SaaS and insecure credential detection system using a browser extension. ☆45 · May 8, 2026 · Updated last month
- Fast and easy to use CLI-based file encryption program 📦 ☆13 · Oct 12, 2025 · Updated 8 months ago
- A public collection of detections designed to detect threats associated with the Okta WIC Platform. ☆27 · May 19, 2026 · Updated 3 weeks ago
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. … ☆112 · Jul 21, 2025 · Updated 10 months ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. ☆54 · Apr 22, 2025 · Updated last year
- pocket guide for core detection engineering concepts ☆31 · May 8, 2023 · Updated 3 years ago
- A preconfigured Velociraptor triage collector ☆77 · Jun 4, 2026 · Updated last week
- Ludus roles to deploy ASR rules and MDI auditing settings ☆25 · Aug 5, 2025 · Updated 10 months ago
- A catalog of services that can be publicly exposed within different cloud providers. ☆14 · Aug 30, 2024 · Updated last year
- Quick ESXi Log Parser ☆31 · Oct 20, 2025 · Updated 7 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) ☆223 · Sep 4, 2024 · Updated last year
- CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taki… ☆344 · May 18, 2026 · Updated 3 weeks ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs. ☆178 · May 22, 2026 · Updated 3 weeks ago
- NOVA: The Prompt Pattern Matching ☆143 · May 16, 2026 · Updated 3 weeks ago
- Mapping of open-source detection rules and atomic tests. ☆212 · Feb 16, 2026 · Updated 3 months ago
- Security tool against dependency typosquatting attacks ☆56 · Jun 4, 2026 · Updated last week
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor… ☆41 · May 7, 2023 · Updated 3 years ago
- Substation is a toolkit for routing, normalizing, and enriching security event and audit logs. ☆402 · Jan 20, 2026 · Updated 4 months ago
- 🌑 EclipseRecon is a personal project developed during my cybersecurity learning journey 🛡️. It helps practice web reconnaissance 🌐 by … ☆30 · Nov 26, 2025 · Updated 6 months ago
- 💾 Windows 🚀 A Windows tool for emergency privacy: instantly deletes sensitive data and active logins to protect my information during u… ☆56 · May 28, 2026 · Updated 2 weeks ago
- 🐻‍❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets. ☆14 · May 22, 2024 · Updated 2 years ago
- Generate datasets of cloud audit logs for common attacks ☆240 · May 7, 2026 · Updated last month
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of… ☆10 · Dec 22, 2023 · Updated 2 years ago
- Listener that spawns a new tmux window for each incoming reverse shell + Supports listening on many ports ☆61 · Jul 13, 2025 · Updated 10 months ago
- Feed it a number. Your cloned voice does the social engineering, while you sip your coffee. A ghost that talks on the phone for you. ☆114 · May 30, 2025 · Updated last year
- SimpleCrypt is a powerful command-line tool designed for securely encrypting and decrypting files and directories using AES-256 encryptio… ☆20 · Mar 22, 2026 · Updated 2 months ago
- Nakamoto is a 2-layer encryption tool to protect your data and your cryptocurrency ☆16 · May 2, 2026 · Updated last month
- A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged object… ☆444 · May 18, 2026 · Updated 3 weeks ago
- BlueSky OSINT Tool ☆15 · Dec 10, 2024 · Updated last year
- Terms of Use Conditional Access M365 Evilginx Phishlet ☆46 · Jun 23, 2025 · Updated 11 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow ☆19 · Jun 26, 2025 · Updated 11 months ago
- Addon for BHCE ☆58 · Apr 1, 2025 · Updated last year
- A comprehensive ETW (Event Tracing for Windows) event generation tool designed for testing and research purposes. ☆271 · Sep 23, 2025 · Updated 8 months ago