markuskont / go-sigma-rule-engine
Golang library that implements a sigma log rule parser and match engine.
☆91Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for go-sigma-rule-engine
- A Go implementation and parser for Sigma rules.☆84Updated 2 months ago
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- Sigma rules from Joe Security☆203Updated this week
- Signature engine for all your logs☆160Updated 11 months ago
- OSSEM Detection Model☆168Updated 2 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆98Updated 2 months ago
- Golang Parser for Microsoft Event Logs☆98Updated 3 months ago
- Sigma Detection Rule Repository☆85Updated 4 years ago
- Security ML models encoded as Yara rules☆211Updated last year
- simple YARA-based IOC scanner☆164Updated 2 months ago
- ☆158Updated last year
- SIEGMA - Transform Sigma rules into SIEM consumables☆141Updated last year
- ☆158Updated 3 years ago
- Cisco Orbital - Osquery queries by Talos☆122Updated 2 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆104Updated this week
- Go library for ETW (Event Tracing for Windows) events processing☆59Updated 2 years ago
- Anything Sysmon related from the MSTIC R&D team☆146Updated 5 months ago
- A Go implementation of JARM☆119Updated 2 years ago
- A guide on how to write fast and memory friendly YARA rules☆124Updated last year
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆89Updated last year
- A CALDERA plugin☆72Updated last week
- Automatically create YARA rules from malicious documents.☆208Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance☆93Updated 11 months ago
- OSSEM Common Data Model☆54Updated 2 years ago
- Rules generated from our investigations.☆188Updated last week
- enpoint detection / live analysis & sandbox host / signatures quality test☆42Updated 3 years ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆137Updated 2 months ago
- Evtx to Splunk ingestor☆12Updated 2 years ago
- APIs for generating STIX 2.1 and TAXII 2.1 messages with Go (Golang)☆51Updated last year
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆55Updated this week