A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD
☆10 | Nov 7, 2023 | Updated 2 years ago
Alternatives and similar repositories for ConvertSigmaRepo2KQL
Users that are interested in ConvertSigmaRepo2KQL are comparing it to the libraries listed below
- Scripts written in BASH, PowerShell, Python, and other languages. ☆10 | Aug 5, 2023 | Updated 2 years ago
- Markdown generation for Clojure ☆14 | Oct 8, 2024 | Updated last year
- Ingest Nessus files into Elasticsearch using PowerShell! ☆19 | Nov 14, 2025 | Updated 4 months ago
- Pure Clojure implementation of the Advanced Encryption Standard (AES) for encryption and decryption using 128, 192, and 256 bit keys base… ☆16 | Feb 8, 2023 | Updated 3 years ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. ☆31 | Jul 27, 2023 | Updated 2 years ago
- My Notes from Hugging Face AI Agents Course ☆20 | Feb 18, 2025 | Updated last year
- The object detection solution accelerator provides a pre-packaged solution to train, deploy and monitor custom object detection models us… ☆14 | Jan 24, 2024 | Updated 2 years ago
- A python package to extract attachments from .eml files (email messages saved as files) ☆20 | Jun 27, 2023 | Updated 2 years ago
- A Clojure library for transforming map keys. ☆34 | Nov 17, 2014 | Updated 11 years ago
- Manage and maintain Defender XDR custom collection configuration ☆34 | Nov 19, 2025 | Updated 4 months ago
- Explore ThalesGroup's comprehensive framework for secure machine learning systems on this repository. Developed by Thales experts, this f… ☆21 | Feb 1, 2026 | Updated last month
- Tool and Jupyter Notebook used in "Enhance Investigations Using LLM, Embeddings, and Clustering" SANS AI Cybersecurity Summit talk. ☆18 | Mar 29, 2025 | Updated 11 months ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… ☆74 | Jun 28, 2021 | Updated 4 years ago
- Misc. content for Microsoft Sentinel ☆17 | Apr 12, 2024 | Updated last year
- The eMASS client repository maintains the Enterprise Mission Assurance Support Service (eMASS) Representational State Transfer (REST) App… ☆26 | Oct 21, 2025 | Updated 4 months ago
- Monitor your IP reputation for Email sending or Email marketing. ☆43 | Jul 27, 2013 | Updated 12 years ago
- Some proxy utilities I've made. PacDbg to debug and troubleshoot a PacFile, and CustomProxy to browse the internet with a custom proxy se… ☆24 | Sep 12, 2017 | Updated 8 years ago
- Presentations from Conferences ☆31 | Sep 14, 2024 | Updated last year
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… ☆44 | Nov 7, 2020 | Updated 5 years ago
- Mapping of open-source detection rules and atomic tests. ☆204 | Feb 16, 2026 | Updated last month
- Cyber Threat Intelligence ☆78 | Dec 7, 2025 | Updated 3 months ago
- From your Markdown to generated chapters, run ScriptAnalyzer on your examples and generate HTML, a Word Doc or PDF. Table of Contents inc… ☆30 | Apr 18, 2019 | Updated 6 years ago
- MCP server for Kibana: access, search and manage Kibana from an MCP client. ☆58 | Feb 28, 2026 | Updated 2 weeks ago
- Default Detections for EDR ☆97 | Feb 20, 2024 | Updated 2 years ago
- A PowerShell module for incident response and threat hunting. ☆38 | May 23, 2024 | Updated last year
- eMASSer is a command-line interface (CLI) that aims to automate routine business use-cases and provide utility surrounding the Enterprise… ☆45 | Feb 19, 2026 | Updated last month
- Sideloading PoC using onedrive.exe & version.dll ☆93 | Oct 30, 2025 | Updated 4 months ago
- RLM based security scanner for massive .NET codebases ☆74 | Feb 9, 2026 | Updated last month
- Security Content for the PEAK Threat Hunting Framework ☆45 | Feb 15, 2024 | Updated 2 years ago
- Lifx ambient lighting for Windows ☆27 | Oct 16, 2019 | Updated 6 years ago
- Detection rule validation ☆40 | Oct 25, 2023 | Updated 2 years ago
- Fake SMB and SAMR data ☆11 | Oct 27, 2019 | Updated 6 years ago
- Registers Vectored Exception Handlers by directly manipulating internal LdrpVectorHandlerList structure instead of calling RtlAddVectored… ☆35 | Jan 18, 2026 | Updated 2 months ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆159 | Mar 10, 2025 | Updated last year
- Framework for Monitoring File Ingestion Source for Yara Matches ☆50 | Mar 10, 2025 | Updated last year
- NOVA: The Prompt Pattern Matching ☆121 | Jan 27, 2026 | Updated last month