A Rust library for parsing and evaluating Sigma rules
☆19Nov 26, 2025Updated 3 months ago
Alternatives and similar repositories for sigma-rust
Users that are interested in sigma-rust are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆11Dec 9, 2025Updated 3 months ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 5 months ago
- ☆21Nov 19, 2025Updated 4 months ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated last year
- Repository for Ludus french templates☆23Mar 1, 2026Updated 3 weeks ago
- Sigma Engine implementation in TypeScript☆28Mar 5, 2023Updated 3 years ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆113Jan 24, 2026Updated last month
- pySigma Elasticsearch backend☆65Mar 16, 2026Updated last week
- Bring Your Own Mitre Att&ck © Matrix !☆13Oct 19, 2023Updated 2 years ago
- This crate provides functions for working with IPv4 CIDRs and IPv6 CIDRs.☆33Dec 26, 2025Updated 2 months ago
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- 🌦️ Domain Ranker☆16Sep 7, 2019Updated 6 years ago
- Data from analysis of the custom sample from the chapter "Practical Analysis and Test"☆12Aug 1, 2020Updated 5 years ago
- ☆25Feb 13, 2021Updated 5 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Detection Rule License (DRL)☆21Dec 27, 2024Updated last year
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆215Updated this week
- ☆44Nov 28, 2025Updated 3 months ago
- Design by contract for Go☆15Mar 13, 2025Updated last year
- Bro script module for detecting malware using domain generation algorithms.☆13Feb 22, 2018Updated 8 years ago
- DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, Plaso, $MFT, and $J files with built-in process inspect…☆213Updated this week
- ☆21Mar 27, 2025Updated 11 months ago
- ☆15Feb 22, 2026Updated last month
- libdt is part of the "Huorong eXtendible Stream Scan Engine" project copyright by Huorong Borui (Beijing) Technology Co., Ltd.☆14Aug 17, 2015Updated 10 years ago
- A permissions system for Go structs☆15Feb 16, 2018Updated 8 years ago
- Validates Sigma rules using the JSON schema☆22Mar 18, 2024Updated 2 years ago
- ☆23Oct 9, 2024Updated last year
- Ghidra Script for automated analysis of EMOTET☆17Feb 3, 2021Updated 5 years ago
- Tailwind UI Component CSS prefixer☆10Jun 22, 2020Updated 5 years ago
- ☆19Sep 26, 2025Updated 5 months ago
- Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary.☆23Apr 22, 2021Updated 4 years ago
- EDR/AV Simulation for Malware Development☆13Oct 21, 2023Updated 2 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆24Oct 9, 2024Updated last year
- MITRE ATT&CK in CSV form☆25Feb 27, 2023Updated 3 years ago
- A set of tools and procedures for automating NSM and NIDS deployments in AWS☆15Oct 16, 2020Updated 5 years ago
- Windows Event Log Knowledge Base☆31Dec 23, 2025Updated 3 months ago
- Deduplicate named and unnamed imports of the same import path in Go files☆19May 18, 2020Updated 5 years ago