Alternatives and similar repositories for sigma-convert

Users that are interested in sigma-convert are comparing it to the libraries listed below

• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated last week
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆52Updated 4 years ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆102Updated last week
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆27Updated 7 years ago
• kirk-sayre-work / box-js
  A tool for studying JavaScript malware.
  ☆15Updated 2 weeks ago
• EmergingThreats / log4shell-detection
  ☆12Updated 3 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆134Updated 10 months ago
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated last year
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆33Updated 3 weeks ago
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆15Updated 4 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆36Updated 2 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆55Updated 4 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated last year
• ioc-fang / ioc-fanger
  Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
  ☆63Updated last year
• socprime / SigmaRulesIntegration
  ☆15Updated 7 years ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆108Updated last year
• freetaxii / server
  A cyber threat intelligence server based on TAXII 2 and written in Golang
  ☆30Updated 5 years ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 3 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆27Updated 5 years ago
• jshlbrd / threat-hunting-pocket-guide
  pocket guide for core threat hunting concepts
  ☆23Updated 5 years ago
• abhinavbom / clara
  Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
  ☆31Updated 3 weeks ago
• mmguero-dev / Malcolm-PCAP
  This repository has been archived in favor of https://github.com/idaholab/Malcolm-Test-Artifacts
  ☆36Updated 7 months ago
• vz-risk / flow
  Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
  ☆44Updated 3 years ago
• 3c7 / infrastructure-tracking-schema
  ☆24Updated 2 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆77Updated 4 years ago
• nccgroup / yaml2yara
  Generate bulk YARA rules from YAML input
  ☆22Updated 5 years ago
• stricaud / sightingdb
  SightingDB is a database for Sightings
  ☆22Updated 2 years ago
• avuko / kathe
  A GUI/REST interface to find similarities in large sets (think: binaries). Based on ssdeep.
  ☆20Updated 3 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆78Updated 3 years ago