socfortress/Wazuh-Rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

socfortress/Wazuh-Rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/socfortress/Wazuh-Rules)

Close

socfortress / Wazuh-RulesView on GitHubMore

• External links
• Readme badge

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!

☆1,300Mar 11, 2026Updated last month

Alternatives and similar repositories for Wazuh-Rules

Users that are interested in Wazuh-Rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• branchnetconsulting / wazuh-tools

  View on GitHub
  Useful scripts for those administering Wazuh
  ☆95Jan 6, 2026Updated 4 months ago
• socfortress / CoPilot

  View on GitHub
  SOCFortress CoPilot
  ☆485Updated this week
• socfortress / SOCFortress-Threat-Intel

  View on GitHub
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆33Sep 26, 2024Updated last year
• crow1011 / wazuh2thehive

  View on GitHub
  Wazuh integration TheHive
  ☆42Feb 21, 2023Updated 3 years ago
• socfortress / iris-wazuhindexer-module

  View on GitHub
  IRIS Module for Wazuh-Indexer Searching
  ☆12Nov 24, 2023Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• socfortress / Playbooks

  View on GitHub
  Playbooks for SOC Analysts
  ☆712Dec 11, 2022Updated 3 years ago
• theflakes / sigma_to_wazuh

  View on GitHub
  Convert Sigma rules to Wazuh rules
  ☆76Sep 13, 2025Updated 7 months ago
• socfortress / OSSIEM

  View on GitHub
  Open Source SIEM Stack
  ☆148Apr 25, 2026Updated 2 weeks ago
• juaromu / wazuh-opencti

  View on GitHub
  ☆43Aug 26, 2023Updated 2 years ago
• wazuh / wazuh-ruleset

  View on GitHub
  Wazuh - Ruleset
  ☆516Sep 19, 2024Updated last year
• 0xbad53c / wazuh-detection-rules

  View on GitHub
  Our collection of Wazuh detection rules for our Offense Lab
  ☆20Feb 13, 2022Updated 4 years ago
• wazuh / wazuh

  View on GitHub
  Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
  ☆15,486Updated this week
• Hestat / ossec-sysmon

  View on GitHub
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆97Apr 13, 2022Updated 4 years ago
• AnonymousWP / Wazuh-ChatGPT-integration

  View on GitHub
  A configuration to allow Wazuh to communicate with ChatGPT, based on https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integratio…
  ☆25Mar 20, 2023Updated 3 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• Shuffle / Shuffle

  View on GitHub
  Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
  ☆2,274May 1, 2026Updated last week
• juaromu / wazuh-misp

  View on GitHub
  ☆21Jan 20, 2023Updated 3 years ago
• bayusky / wazuh-custom-rules-and-decoders

  View on GitHub
  In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde…
  ☆63Mar 7, 2026Updated 2 months ago
• socfortress / wazuh-mcp-server

  View on GitHub
  Repo to hold wazuh manager mcp server
  ☆81Apr 15, 2026Updated 3 weeks ago
• dfir-iris / iris-web

  View on GitHub
  Collaborative Incident Response platform
  ☆1,481Apr 28, 2026Updated last week
• theflakes / StoW

  View on GitHub
  Sigma to Wazuh rule converter
  ☆23Apr 28, 2026Updated last week
• cloudfence / opnsense-wazuh

  View on GitHub
  Tools to integrate 2 great security tools OPNsense and Wazuh
  ☆33Aug 26, 2021Updated 4 years ago
• pyToshka / wazuh-prometheus-exporter

  View on GitHub
  Wazuh prometheus exporter
  ☆36Jul 4, 2025Updated 10 months ago
• OpenSecureCo / Wazuh-Rules-1

  View on GitHub
  Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
  ☆13Aug 19, 2022Updated 3 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• misje / wazuh-opencti

  View on GitHub
  Wazuh extension looking up alert data against indicators in OpenCTI threat intel
  ☆21Feb 4, 2024Updated 2 years ago
• sametsazak / sysmon

  View on GitHub
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆74Jul 21, 2021Updated 4 years ago
• juaromu / wazuh-nmap

  View on GitHub
  ☆23Mar 1, 2022Updated 4 years ago
• juaromu / wazuh

  View on GitHub
  ☆21Oct 17, 2021Updated 4 years ago
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,386May 1, 2026Updated last week
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆3,031Aug 21, 2024Updated last year
• Velocidex / velociraptor

  View on GitHub
  Digging Deeper....
  ☆3,950Updated this week
• tguard-soc-package / nusantara

  View on GitHub
  ☆218May 9, 2024Updated 2 years ago
• jctello / JCT-Wazuh

  View on GitHub
  Tools for Wazuh by Juan C. Tello
  ☆16Jan 13, 2022Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• socfortress / ASK-SOCFortress

  View on GitHub
  Your Open-Source SOC Assistant
  ☆12Apr 5, 2023Updated 3 years ago
• nateuribe / Wazuh-IRIS-integration

  View on GitHub
  (Unofficial) Wazuh integration to send alerts to IRIS.
  ☆23Jan 1, 2025Updated last year
• wazuh / wazuh-docker

  View on GitHub
  Wazuh - Docker containers
  ☆1,084Updated this week
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,534May 2, 2026Updated last week
• OpenCTI-Platform / opencti

  View on GitHub
  Open Cyber Threat Intelligence Platform
  ☆9,231Updated this week
• averydiversifiedtech / ossec-wazuh-manager-zabbix

  View on GitHub
  Zabbix Templates and scripts to monitor OSSEC or Wazuh Manager Intrusion Detection
  ☆16Sep 18, 2025Updated 7 months ago
• socfortress / iris-velociraptorartifact-module

  View on GitHub
  IRIS Module to Run Any Velociraptor Artifact
  ☆15Mar 31, 2023Updated 3 years ago