jopohl / sigma-rustLinks
A Rust library for parsing and evaluating Sigma rules
☆13Updated last month
Alternatives and similar repositories for sigma-rust
Users that are interested in sigma-rust are comparing it to the libraries listed below
Sorting:
- Alternative YARA scanning engine☆70Updated 2 years ago
- Windows file metadata / forensic tool.☆18Updated 9 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆41Updated last month
- Detection Engineering with YARA☆87Updated last year
- Sample evtx files to use for testing hayabusa detection rules☆57Updated 7 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆75Updated this week
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆19Updated last year
- ☆35Updated 8 months ago
- The core backend server handling API requests and task management☆42Updated last week
- An opensource sigma conversion tool built using pysigma☆130Updated last week
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆81Updated last month
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆79Updated last month
- JPCERT/CC public YARA rules repository☆109Updated 6 months ago
- A pySigma wrapper to manage detection rules.☆39Updated 3 weeks ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆36Updated 2 weeks ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆82Updated last year
- A web scraper to create MISP events and reports☆16Updated this week
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- ☆16Updated 3 months ago
- YARA rule analyzer to improve rule quality and performance☆102Updated 2 months ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆34Updated 2 months ago
- Validates Sigma rules using the JSON schema☆16Updated last year
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆22Updated 10 months ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆89Updated last week
- Collection of scripts provided for public use☆34Updated 2 months ago
- ☆92Updated last month
- Interface LLMs from within MISP to extract TTPs and threat intel from CTI reports☆17Updated last year
- A Windows registry file parser written in Rust☆38Updated last year
- ☆8Updated 8 months ago