socfortress/Wazuh-Rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

socfortress/Wazuh-Rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/socfortress/Wazuh-Rules)

Close

socfortress / Wazuh-RulesView on GitHubMore

• External links
• Readme badge

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!

☆1,312Mar 11, 2026Updated 2 months ago

Alternatives and similar repositories for Wazuh-Rules

Users that are interested in Wazuh-Rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• branchnetconsulting / wazuh-tools

  View on GitHub
  Useful scripts for those administering Wazuh
  ☆95Jan 6, 2026Updated 4 months ago
• socfortress / CoPilot

  View on GitHub
  SOCFortress CoPilot
  ☆492May 22, 2026Updated last week
• socfortress / SOCFortress-Threat-Intel

  View on GitHub
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆33Sep 26, 2024Updated last year
• crow1011 / wazuh2thehive

  View on GitHub
  Wazuh integration TheHive
  ☆42Feb 21, 2023Updated 3 years ago
• socfortress / iris-wazuhindexer-module

  View on GitHub
  IRIS Module for Wazuh-Indexer Searching
  ☆12Nov 24, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• socfortress / Playbooks

  View on GitHub
  Playbooks for SOC Analysts
  ☆715Dec 11, 2022Updated 3 years ago
• theflakes / sigma_to_wazuh

  View on GitHub
  Convert Sigma rules to Wazuh rules
  ☆76Sep 13, 2025Updated 8 months ago
• socfortress / OSSIEM

  View on GitHub
  Open Source SIEM Stack
  ☆147Apr 25, 2026Updated last month
• juaromu / wazuh-opencti

  View on GitHub
  ☆43Aug 26, 2023Updated 2 years ago
• wazuh / wazuh-ruleset

  View on GitHub
  Wazuh - Ruleset
  ☆519Sep 19, 2024Updated last year
• 0xbad53c / wazuh-detection-rules

  View on GitHub
  Our collection of Wazuh detection rules for our Offense Lab
  ☆20Feb 13, 2022Updated 4 years ago
• wazuh / wazuh

  View on GitHub
  Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
  ☆15,697Updated this week
• Hestat / ossec-sysmon

  View on GitHub
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆98Apr 13, 2022Updated 4 years ago
• AnonymousWP / Wazuh-ChatGPT-integration

  View on GitHub
  A configuration to allow Wazuh to communicate with ChatGPT, based on https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integratio…
  ☆25Mar 20, 2023Updated 3 years ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• Shuffle / Shuffle

  View on GitHub
  Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
  ☆2,304May 14, 2026Updated 2 weeks ago
• juaromu / wazuh-misp

  View on GitHub
  ☆21Jan 20, 2023Updated 3 years ago
• bayusky / wazuh-custom-rules-and-decoders

  View on GitHub
  In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde…
  ☆64Mar 7, 2026Updated 2 months ago
• socfortress / wazuh-mcp-server

  View on GitHub
  Repo to hold wazuh manager mcp server
  ☆82Apr 15, 2026Updated last month
• dfir-iris / iris-web

  View on GitHub
  Collaborative Incident Response platform
  ☆1,496Apr 28, 2026Updated last month
• theflakes / StoW

  View on GitHub
  Sigma to Wazuh rule converter
  ☆23Apr 28, 2026Updated last month
• cloudfence / opnsense-wazuh

  View on GitHub
  Tools to integrate 2 great security tools OPNsense and Wazuh
  ☆33Aug 26, 2021Updated 4 years ago
• pyToshka / wazuh-prometheus-exporter

  View on GitHub
  Wazuh prometheus exporter
  ☆35Jul 4, 2025Updated 10 months ago
• OpenSecureCo / Wazuh-Rules-1

  View on GitHub
  Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
  ☆13Aug 19, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• misje / wazuh-opencti

  View on GitHub
  Wazuh extension looking up alert data against indicators in OpenCTI threat intel
  ☆21Feb 4, 2024Updated 2 years ago
• sametsazak / sysmon

  View on GitHub
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆74Jul 21, 2021Updated 4 years ago
• juaromu / wazuh-nmap

  View on GitHub
  ☆23Mar 1, 2022Updated 4 years ago
• juaromu / wazuh

  View on GitHub
  ☆21Oct 17, 2021Updated 4 years ago
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,480May 22, 2026Updated last week
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆3,045Aug 21, 2024Updated last year
• Velocidex / velociraptor

  View on GitHub
  Digging Deeper....
  ☆3,973May 22, 2026Updated last week
• tguard-soc-package / nusantara

  View on GitHub
  ☆219May 9, 2024Updated 2 years ago
• jctello / JCT-Wazuh

  View on GitHub
  Tools for Wazuh by Juan C. Tello
  ☆16Jan 13, 2022Updated 4 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• socfortress / ASK-SOCFortress

  View on GitHub
  Your Open-Source SOC Assistant
  ☆12Apr 5, 2023Updated 3 years ago
• nateuribe / Wazuh-IRIS-integration

  View on GitHub
  (Unofficial) Wazuh integration to send alerts to IRIS.
  ☆23Jan 1, 2025Updated last year
• wazuh / wazuh-docker

  View on GitHub
  Wazuh - Docker containers
  ☆1,105Updated this week
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,554May 9, 2026Updated 2 weeks ago
• OpenCTI-Platform / opencti

  View on GitHub
  Open Cyber Threat Intelligence Platform
  ☆9,460Updated this week
• averydiversifiedtech / ossec-wazuh-manager-zabbix

  View on GitHub
  Zabbix Templates and scripts to monitor OSSEC or Wazuh Manager Intrusion Detection
  ☆16Sep 18, 2025Updated 8 months ago
• socfortress / iris-velociraptorartifact-module

  View on GitHub
  IRIS Module to Run Any Velociraptor Artifact
  ☆15Mar 31, 2023Updated 3 years ago