Alternatives and similar repositories for go-sigma-rule-engine

Users that are interested in go-sigma-rule-engine are comparing it to the libraries listed below

• bradleyjkemp / sigma-go

  View on GitHub
  A Go implementation and parser for Sigma rules.
  ☆95May 15, 2025Updated 8 months ago
• satta / gommunityid

  View on GitHub
  Go implementation of the Community ID flow hashing standard
  ☆21Apr 17, 2025Updated 9 months ago
• google / gonids

  View on GitHub
  gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that…
  ☆192Jul 18, 2025Updated 6 months ago
• 0xThiebaut / sigmai

  View on GitHub
  Import specific data sources into the Sigma generic and open signature format.
  ☆79May 6, 2022Updated 3 years ago
• opencybersecurityalliance / firepit

  View on GitHub
  Firepit - STIX Columnar Storage
  ☆17Jun 5, 2024Updated last year
• TcM1911 / stix2

  View on GitHub
  A pure Go library for working with Structured Threat Information Expression (STIX™) version 2.x data
  ☆27Apr 27, 2025Updated 9 months ago
• bradleyjkemp / sigma-test

  View on GitHub
  A test case runner for Sigma rules
  ☆14Aug 14, 2024Updated last year
• MAECProject / pefile-to-maec

  View on GitHub
  Generate MAEC XML from Ero Carrera's pefile output
  ☆15Mar 6, 2017Updated 8 years ago
• SigmaHQ / pySigma

  View on GitHub
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆527Feb 5, 2026Updated last week
• blackstork-io / fabric

  View on GitHub
  An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as…
  ☆67Jul 6, 2025Updated 7 months ago
• binalyze / tigma

  View on GitHub
  Sigma Engine implementation in TypeScript
  ☆28Mar 5, 2023Updated 2 years ago
• NextronSystems / gimphash

  View on GitHub
  Imphash-like calculation on Golang binaries
  ☆49Jul 2, 2022Updated 3 years ago
• wolfeidau / s3iofs

  View on GitHub
  This package provides an S3 implementation for Go1.16 filesystem interface.
  ☆13Apr 21, 2025Updated 9 months ago
• SentineLabs / Cl0p-ELF-Decryptor

  View on GitHub
  Python3 script which decrypts files encrypted by flawed Cl0p ELF variant.
  ☆17Feb 6, 2023Updated 3 years ago
• viktb / asnlookup

  View on GitHub
  CLI and Go package for fast, offline ASN lookups
  ☆20Feb 27, 2025Updated 11 months ago
• joesecurity / sigma-rules

  View on GitHub
  Sigma rules from Joe Security
  ☆230Nov 4, 2024Updated last year
• cugu / kaitaigo

  View on GitHub
  kaitaigo is a compiler and runtime to create Go parsers from Kaitai Struct files
  ☆18Apr 20, 2022Updated 3 years ago
• cyentific-rni / cacao-json-schemas

  View on GitHub
  JSON schemas for validating CACAO Security Playbooks. Note: In December 2023, Cyentific AS offered and transferred the content of this re…
  ☆19Dec 15, 2023Updated 2 years ago
• eclecticiq / stix-icons

  View on GitHub
  stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats a…
  ☆37Dec 15, 2022Updated 3 years ago
• invoke-eric / jupyter

  View on GitHub
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Sep 14, 2023Updated 2 years ago
• threathunters-io / laurel

  View on GitHub
  Transform Linux Audit logs for SIEM usage
  ☆811Dec 18, 2025Updated last month
• DCSO / balboa

  View on GitHub
  server for indexing and querying passive DNS observations
  ☆49Jan 12, 2026Updated last month
• markuskont / pikksilm

  View on GitHub
  Look into EDR events from network
  ☆25Nov 20, 2025Updated 2 months ago
• Yamato-Security / hayabusa-rules

  View on GitHub
  Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
  ☆213Feb 4, 2026Updated last week
• Velocidex / go-ntfs

  View on GitHub
  An NTFS file parser in Go
  ☆73Mar 22, 2025Updated 10 months ago
• mdecrevoisier / SIGMA-detection-rules

  View on GitHub
  Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques
  ☆412Nov 8, 2025Updated 3 months ago
• avast / yarang

  View on GitHub
  Alternative YARA scanning engine
  ☆73Aug 23, 2022Updated 3 years ago
• gerwout / pacs

  View on GitHub
  Pritunl Access Control System
  ☆10Feb 16, 2023Updated 2 years ago
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆12Jan 10, 2023Updated 3 years ago
• taterhead / PCAP-Index

  View on GitHub
  Set of scripts to index PCAP files and retrieve packets
  ☆14Sep 10, 2015Updated 10 years ago
• nytr0gen / go-cidr

  View on GitHub
  CIDR to IP List Tool
  ☆14Mar 12, 2016Updated 9 years ago
• jpalanco / klara-docker-compose

  View on GitHub
  Klara docker compose
  ☆11May 19, 2020Updated 5 years ago
• tenzir / dockerized-zeek

  View on GitHub
  Dockerized Zeek
  ☆12Mar 9, 2024Updated last year
• micrictor / smbfp

  View on GitHub
  Zeek package to generate a SMB client fingerprint
  ☆27May 5, 2020Updated 5 years ago
• muchdogesec / stixify

  View on GitHub
  Extract machine readable cyber threat intelligence from unstructured data (inc. PDFs, Word docs, and HTML pages)
  ☆33Updated this week
• JustinAzoff / can-i-use-afpacket-fanout

  View on GitHub
  Validate if afpacket PACKET_FANOUT_HASH is working properly
  ☆25May 19, 2022Updated 3 years ago
• cedowens / C2-JARM

  View on GitHub
  A list of JARM hashes for different ssl implementations used by some C2/red team tools.
  ☆145Apr 20, 2023Updated 2 years ago
• SecurityBrewery / catalyst

  View on GitHub
  ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…
  ☆510Feb 1, 2026Updated last week
• kaitai-io / ksy_schema

  View on GitHub
  Kaitai Struct YAML (KSY) schema specification
  ☆15Sep 12, 2025Updated 5 months ago