jopohl / sigma-rust
A Rust library for parsing and evaluating Sigma rules
☆15 · Updated 4 months ago
Alternatives and similar repositories for sigma-rust
Users interested in sigma-rust are comparing it to the libraries listed below.
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆84 · Updated 4 months ago
- An open-source Sigma conversion tool built using pySigma ☆133 · Updated 3 weeks ago
- pySigma Elasticsearch backend ☆54 · Updated last week
- Takajō (鷹匠) is a Hayabusa results analyzer. ☆141 · Updated 2 weeks ago
- The core backend server handling API requests and task management ☆47 · Updated this week
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor. ☆19 · Updated last year
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆160 · Updated 7 months ago
- LOKI2 - Simple IOC and YARA Scanner ☆102 · Updated 2 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆80 · Updated 4 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆48 · Updated 4 months ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. ☆48 · Updated 5 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… ☆87 · Updated 2 weeks ago
- A repository to share publicly available Velociraptor detection content ☆186 · Updated last week
- ☆16 · Updated 5 months ago
- Sample evtx files to use for testing Hayabusa detection rules ☆60 · Updated 10 months ago
- Knowing which rule should trigger according to the Red Canary test ☆11 · Updated 10 months ago
- Validates Sigma rules using the JSON schema ☆17 · Updated last year
- ☆12 · Updated 10 months ago
- Augmentation to Machine Readable CTI ☆32 · Updated 2 weeks ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project. ☆114 · Updated last year
- Pipeline that allows sending forensic artifacts to OpenRelik for automatic processing ☆32 · Updated 4 months ago
- Framework definitions that allow building a custom SIEM. ☆27 · Updated last year
- SOARCA - The Open Source CACAO-based Security Orchestrator! ☆82 · Updated 3 weeks ago
- This repository contains sample log data that was collected after running adversary simulations in Microsoft 365 ☆23 · Updated 11 months ago
- Convert Sigma rules to SIEM queries, directly in your browser. ☆96 · Updated this week
- PyVelociraptor contains the Python bindings for the Velociraptor API. ☆20 · Updated last month
- A preconfigured Velociraptor triage collector ☆55 · Updated this week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. ☆200 · Updated last week
- A pySigma wrapper to manage detection rules. ☆41 · Updated last month
- ☆96 · Updated last month