Golang library that implements a sigma log rule parser and match engine.
☆105Jul 17, 2024Updated last year
Alternatives and similar repositories for go-sigma-rule-engine
Users that are interested in go-sigma-rule-engine are comparing it to the libraries listed below
Sorting:
- A Go implementation and parser for Sigma rules.☆95May 15, 2025Updated 9 months ago
- Go implementation of the Community ID flow hashing standard☆21Apr 17, 2025Updated 10 months ago
- A Sigma based detection pipeline☆12Dec 15, 2023Updated 2 years ago
- Firepit - STIX Columnar Storage☆18Jun 5, 2024Updated last year
- A pure Go library for working with Structured Threat Information Expression (STIX™) version 2.x data☆27Apr 27, 2025Updated 10 months ago
- A test case runner for Sigma rules☆14Aug 14, 2024Updated last year
- Generate MAEC XML from Ero Carrera's pefile output☆15Mar 6, 2017Updated 9 years ago
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆534Feb 15, 2026Updated 3 weeks ago
- An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as…☆67Jul 6, 2025Updated 8 months ago
- Sigma Engine implementation in TypeScript☆28Mar 5, 2023Updated 3 years ago
- Imphash-like calculation on Golang binaries☆49Jul 2, 2022Updated 3 years ago
- Provide a shell like interface by utilizing osquery's distributed API☆82Jun 24, 2020Updated 5 years ago
- This package provides an S3 implementation for Go1.16 filesystem interface.☆13Updated this week
- Python3 script which decrypts files encrypted by flawed Cl0p ELF variant.☆17Feb 6, 2023Updated 3 years ago
- CLI and Go package for fast, offline ASN lookups☆21Feb 27, 2025Updated last year
- Sigma rules from Joe Security☆233Nov 4, 2024Updated last year
- kaitaigo is a compiler and runtime to create Go parsers from Kaitai Struct files☆18Apr 20, 2022Updated 3 years ago
- JSON schemas for validating CACAO Security Playbooks. Note: In December 2023, Cyentific AS offered and transferred the content of this re…☆19Dec 15, 2023Updated 2 years ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Sep 14, 2023Updated 2 years ago
- stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats a…☆38Dec 15, 2022Updated 3 years ago
- Golang port of pefile☆25Jul 17, 2017Updated 8 years ago
- Transform Linux Audit logs for SIEM usage☆817Updated this week
- server for indexing and querying passive DNS observations☆50Jan 12, 2026Updated last month
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆214Mar 1, 2026Updated last week
- An NTFS file parser in Go☆72Mar 22, 2025Updated 11 months ago
- Alternative YARA scanning engine☆73Aug 23, 2022Updated 3 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Klara docker compose☆11May 19, 2020Updated 5 years ago
- CIDR to IP List Tool☆14Mar 12, 2016Updated 9 years ago
- Dockerized Zeek☆12Mar 9, 2024Updated 2 years ago
- This repository is a part of GSoC Project 2019 which intends to add the macOS support for Cuckoo Sandbox. This repository helps setting u…☆11Aug 26, 2019Updated 6 years ago
- Set of scripts to index PCAP files and retrieve packets☆14Sep 10, 2015Updated 10 years ago
- Zeek package to generate a SMB client fingerprint☆27May 5, 2020Updated 5 years ago
- Validate if afpacket PACKET_FANOUT_HASH is working properly☆25May 19, 2022Updated 3 years ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆144Apr 20, 2023Updated 2 years ago
- Extract machine readable cyber threat intelligence from unstructured data (inc. PDFs, Word docs, and HTML pages)☆34Updated this week
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…☆518Mar 1, 2026Updated last week
- A linter for ksy files.☆11Aug 15, 2021Updated 4 years ago
- a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…☆14Aug 19, 2022Updated 3 years ago