rowham/WinSigmaRuleAnalyzer external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

rowham/WinSigmaRuleAnalyzer

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/rowham/WinSigmaRuleAnalyzer)

Close

rowham / WinSigmaRuleAnalyzerView on GitHubMore

• External links
• Readme badge

Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of the windows rules landscape.

☆10Dec 22, 2023Updated 2 years ago

Alternatives and similar repositories for WinSigmaRuleAnalyzer

Users that are interested in WinSigmaRuleAnalyzer are comparing it to the libraries listed below

• ninoseki / kibune

  View on GitHub
  A Sigma based detection pipeline
  ☆12Dec 15, 2023Updated 2 years ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• bradleyjkemp / sigma-test

  View on GitHub
  A test case runner for Sigma rules
  ☆14Aug 14, 2024Updated last year
• CTI-Driven / Microsoft-ASR-to-MITRE-ATTACK-Mapping-Project

  View on GitHub
  This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…
  ☆29Nov 20, 2024Updated last year
• Tib3rius / lpeworkshop

  View on GitHub
  Windows / Linux Local Privilege Escalation Workshop
  ☆11Jan 15, 2019Updated 7 years ago
• operatorequals / terraform-provider-elastic-siem

  View on GitHub
  ☆11Apr 22, 2022Updated 3 years ago
• instruqt / packer-k3s

  View on GitHub
  Build K3s image using Packer
  ☆13Mar 10, 2026Updated last week
• LouisMastelinck / LouSecInator

  View on GitHub
  This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It…
  ☆14Jul 20, 2025Updated 8 months ago
• Tib3rius / revshellgen

  View on GitHub
  Simple script to generate commands to achieve reverse shells.
  ☆12Aug 12, 2019Updated 6 years ago
• cudeso / misp2defender

  View on GitHub
  MISP to Microsoft Defender integration
  ☆17Feb 24, 2026Updated 3 weeks ago
• cybergoatpsyops / detections

  View on GitHub
  Placeholder for my detection repo and misc detection engineering content
  ☆42Oct 20, 2023Updated 2 years ago
• SkipToTheEndpoint / OIBDeployer

  View on GitHub
  ☆39Sep 10, 2025Updated 6 months ago
• bazylhorsey / obsidian-mcp-server

  View on GitHub
  A server to connect local Obisdian instances and remote vaults with Desktop AI tools like Claude and ChatGPT Desktop
  ☆22Oct 16, 2025Updated 5 months ago
• Tib3rius / rsg

  View on GitHub
  ReverShellGenerator - A tool to generate various ways to do a reverse shell
  ☆12Mar 2, 2019Updated 7 years ago
• syne0 / osprey

  View on GitHub
  Powershell Based tool for gathering information related to O365 intrusions and potential Breaches
  ☆17Dec 29, 2024Updated last year
• aacgood / Cortex-Analyzers

  View on GitHub
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Jan 29, 2020Updated 6 years ago
• GabrielDuschl / SmartSpray

  View on GitHub
  A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…
  ☆17Jan 28, 2026Updated last month
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆163Nov 25, 2025Updated 3 months ago
• oloruntolaallbert / MS-Attack-Range

  View on GitHub
  An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…
  ☆63Jul 27, 2025Updated 7 months ago
• DhaeyerWolf / ICS-OT_wireshark_profiles

  View on GitHub
  ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles
  ☆18Mar 21, 2025Updated 11 months ago
• glyptho / templatesallnuclei

  View on GitHub
  This includes all the templates of nuclei collected from different sources
  ☆18Dec 30, 2022Updated 3 years ago
• mitre / caret

  View on GitHub
  CARET - A tool for viewing cyber analytic relationships
  ☆57Jan 15, 2020Updated 6 years ago
• moshekaplan / awesome-SOC-appliances

  View on GitHub
  A curated list of FOSS software appliances for building a SOC
  ☆18Jan 11, 2021Updated 5 years ago
• center-for-threat-informed-defense / sensor-mappings-to-attack

  View on GitHub
  Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…
  ☆52Jun 21, 2025Updated 8 months ago
• center-for-threat-informed-defense / summiting-the-pyramid

  View on GitHub
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆57Mar 2, 2026Updated 2 weeks ago
• Hacking-Lab / SecurityOperationsCenter

  View on GitHub
  Security Operation Center Lab
  ☆20Oct 8, 2024Updated last year
• Th3l0newolf / Desktop-WorkStation-Endpoint-Security-CheckList

  View on GitHub
  ☆15Jan 27, 2022Updated 4 years ago
• nicholasrobinson / homebridge-smartcielo

  View on GitHub
  Smartcielo (MRCOOL) plug-in for [Homebridge](https://github.com/nfarina/homebridge) using the smartcielo API.
  ☆14Jul 23, 2023Updated 2 years ago
• m-chrome / py-suricataparser

  View on GitHub
  Pure python parser for Snort/Suricata rules.
  ☆34Mar 13, 2024Updated 2 years ago
• nirnachmani / Pixie-Plus-for-Home-Assistant

  View on GitHub
  a Pixie Plus integration for Home Assistant
  ☆12Nov 28, 2025Updated 3 months ago
• Tib3rius / LinEnum

  View on GitHub
  Scripted Local Linux Enumeration & Privilege Escalation Checks
  ☆19Mar 26, 2019Updated 6 years ago
• oliveirt / cActiveDirectorySecurity

  View on GitHub
  The cActiveDirectorySecurity module contains PowerShell Functions which are designed to report on and manipulate Access Control Lists on …
  ☆11Aug 31, 2018Updated 7 years ago
• hassio-addons / addon-firefly-iii

  View on GitHub
  Firefly-III - Home Assistant Community Add-ons
  ☆22Mar 18, 2021Updated 5 years ago
• elastic / elastic-integration-corpus-generator-tool

  View on GitHub
  Command line tool used for generating events corpus dynamically given a specific integration
  ☆25Mar 4, 2026Updated 2 weeks ago
• krdmnbrk / AttackRuleMap

  View on GitHub
  Mapping of open-source detection rules and atomic tests.
  ☆204Feb 16, 2026Updated last month
• Cyb3r-Monk / Cheat-Sheets

  View on GitHub
  Cheat sheets for threat hunting, detection and other stuff.
  ☆34Oct 7, 2022Updated 3 years ago
• fluent / fluent-plugin-windows-eventlog

  View on GitHub
  Fluentd plugin to collect windows event logs
  ☆33Mar 12, 2026Updated last week
• ionsec / maes-platform

  View on GitHub
  MAES: M365 Analyzer & Extractor Suite Po
  ☆33Feb 14, 2026Updated last month
• chelnak / OneTimeSecret

  View on GitHub
  A PowerShell Module for OneTimeSecret.com
  ☆10Jun 19, 2021Updated 4 years ago