rowham/WinSigmaRuleAnalyzer external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

rowham/WinSigmaRuleAnalyzer

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/rowham/WinSigmaRuleAnalyzer)

Close

rowham / WinSigmaRuleAnalyzerView on GitHubMore

• External links
• Readme badge

Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of the windows rules landscape.

☆10Dec 22, 2023Updated 2 years ago

Alternatives and similar repositories for WinSigmaRuleAnalyzer

Users that are interested in WinSigmaRuleAnalyzer are comparing it to the libraries listed below

• CTI-Driven / Microsoft-ASR-to-MITRE-ATTACK-Mapping-Project

  View on GitHub
  This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…
  ☆29Nov 20, 2024Updated last year
• Cyb3r-Monk / Cheat-Sheets

  View on GitHub
  Cheat sheets for threat hunting, detection and other stuff.
  ☆34Oct 7, 2022Updated 3 years ago
• nirnachmani / Pixie-Plus-for-Home-Assistant

  View on GitHub
  a Pixie Plus integration for Home Assistant
  ☆12Nov 28, 2025Updated 2 months ago
• fortinet-fortisoar / solution-pack-soar-framework

  View on GitHub
  ☆14Feb 6, 2026Updated 3 weeks ago
• cudeso / misp2defender

  View on GitHub
  MISP to Microsoft Defender integration
  ☆16Updated this week
• rcegan / ConvertSigmaRepo2KQL

  View on GitHub
  A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD
  ☆10Nov 7, 2023Updated 2 years ago
• francoisfried / Defender-Advanced-Hunting-Queries

  View on GitHub
  KQL queries for Microsoft Defender Advanced Hunting organized around the TTPs of the MITRE ATT&CK framework.
  ☆18Nov 7, 2024Updated last year
• LouisMastelinck / LouSecInator

  View on GitHub
  This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It…
  ☆14Jul 20, 2025Updated 7 months ago
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆163Nov 25, 2025Updated 3 months ago
• PacktPublishing / Threat-Hunting-with-Elastic-Stack

  View on GitHub
  Threat Hunting with Elastic Stack, Published by Packt
  ☆41Jan 18, 2023Updated 3 years ago
• hyakuhei / attackTrees

  View on GitHub
  Modeling, analyzing and rendering attack trees.
  ☆11Sep 9, 2021Updated 4 years ago
• Tib3rius / lpeworkshop

  View on GitHub
  Windows / Linux Local Privilege Escalation Workshop
  ☆11Jan 15, 2019Updated 7 years ago
• Azure / forensics

  View on GitHub
  ☆12Feb 9, 2025Updated last year
• chelnak / OneTimeSecret

  View on GitHub
  A PowerShell Module for OneTimeSecret.com
  ☆10Jun 19, 2021Updated 4 years ago
• Tib3rius / revshellgen

  View on GitHub
  Simple script to generate commands to achieve reverse shells.
  ☆12Aug 12, 2019Updated 6 years ago
• horizon3ai / CVE-2025-64155

  View on GitHub
  CVE-2025-64155: Fortinet FortiSIEM Argument Injection to Remote Code Execution
  ☆30Jan 13, 2026Updated last month
• operatorequals / terraform-provider-elastic-siem

  View on GitHub
  ☆11Apr 22, 2022Updated 3 years ago
• ninoseki / kibune

  View on GitHub
  A Sigma based detection pipeline
  ☆13Dec 15, 2023Updated 2 years ago
• sans-blue-team / sec555-mdwiki-v1

  View on GitHub
  ☆12Jan 5, 2021Updated 5 years ago
• instruqt / packer-k3s

  View on GitHub
  Build K3s image using Packer
  ☆13Nov 25, 2025Updated 3 months ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• WebWools / homebridge-daikin-skyfi

  View on GitHub
  Supports Daikin Air Conditioners that use SKYFi via HomeBridge
  ☆10Feb 22, 2020Updated 6 years ago
• XanthusSecurity / memparse

  View on GitHub
  ☆14Jan 18, 2020Updated 6 years ago
• cybergoatpsyops / detections

  View on GitHub
  Placeholder for my detection repo and misc detection engineering content
  ☆42Oct 20, 2023Updated 2 years ago
• center-for-threat-informed-defense / summiting-the-pyramid

  View on GitHub
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆57Feb 19, 2026Updated last week
• center-for-threat-informed-defense / sensor-mappings-to-attack

  View on GitHub
  Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…
  ☆51Jun 21, 2025Updated 8 months ago
• julesduvivier / PasswordFilterService

  View on GitHub
  ☆12Aug 22, 2017Updated 8 years ago
• rvrsh3ll / CanaryServer

  View on GitHub
  Fake SMB and SAMR data
  ☆11Oct 27, 2019Updated 6 years ago
• garybushey / SentinelConfigurationToWord

  View on GitHub
  Create a Word document showing your Sentinel configuration
  ☆14Nov 7, 2023Updated 2 years ago
• inodee / spl-to-kql

  View on GitHub
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆44Nov 7, 2020Updated 5 years ago
• Tatsuya-hasegawa / MSTICPy_utils

  View on GitHub
  my MSTICpy practice and custom tools repository
  ☆11Apr 23, 2025Updated 10 months ago
• SkipToTheEndpoint / OIBDeployer

  View on GitHub
  ☆39Sep 10, 2025Updated 5 months ago
• bagaffey / Visual-Basic-GUI-IP-Tracker

  View on GitHub
  This is a GUI Interface created with Visual Basic that can be used to track the killer's IP address.
  ☆17Sep 6, 2025Updated 5 months ago
• leresearcher / Maltego---Domaintools

  View on GitHub
  Domaintools addon for Maltego
  ☆15Sep 13, 2012Updated 13 years ago
• Risk-Assessment-Framework / RAF-DAST-Scanner

  View on GitHub
  Dast tool
  ☆13Jul 28, 2023Updated 2 years ago
• The-DFIR-Report / Suricata-Rules

  View on GitHub
  ☆11Jun 12, 2023Updated 2 years ago
• Supahands / llm-comparison

  View on GitHub
  This is an opensource project allowing you to compare two LLM's head to head with a given prompt, it has a wide range of supported models…
  ☆25Mar 24, 2025Updated 11 months ago
• oliveirt / cActiveDirectorySecurity

  View on GitHub
  The cActiveDirectorySecurity module contains PowerShell Functions which are designed to report on and manipulate Access Control Lists on …
  ☆11Aug 31, 2018Updated 7 years ago
• oloruntolaallbert / MS-Attack-Range

  View on GitHub
  An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…
  ☆62Jul 27, 2025Updated 7 months ago