joesecurity / sigma-rulesLinks
Sigma rules from Joe Security
☆221Updated 11 months ago
Alternatives and similar repositories for sigma-rules
Users that are interested in sigma-rules are comparing it to the libraries listed below
Sorting:
- OSSEM Detection Model☆179Updated 2 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆155Updated 6 months ago
- ☆130Updated last year
- Sigma Detection Rule Repository☆89Updated 5 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆287Updated last year
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆351Updated 4 years ago
- Rules generated from our investigations.☆201Updated 3 months ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆233Updated 6 months ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆385Updated 8 months ago
- Detection Ideas & Rules repository.☆179Updated 4 years ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year
- PCAP Samples for Different Post Exploitation Techniques☆365Updated 4 years ago
- Misc Threat Hunting Resources☆374Updated 2 years ago
- Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-Cradle…☆309Updated 3 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆140Updated 4 years ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆412Updated 2 years ago
- ATT&CK Remote Threat Hunting Incident Response☆204Updated 9 months ago
- ☆116Updated last year
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆189Updated 4 years ago
- ☆165Updated 4 years ago
- Threat Hunting & Incident Investigation with Osquery☆216Updated 3 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆112Updated 5 years ago
- Log Entry to Sigma Rule Converter☆109Updated 3 years ago
- ☆175Updated last year
- Signatures and IoCs from public Volexity blog posts.☆356Updated 3 weeks ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆136Updated last year
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆353Updated 3 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆116Updated 5 months ago
- ☆75Updated this week
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques☆189Updated 3 years ago