socfortress / Wazuh-Rules
Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
☆1,214 Jan 29, 2026 Updated 2 weeks ago
Alternatives and similar repositories for Wazuh-Rules
Users that are interested in Wazuh-Rules are comparing it to the libraries listed below
- Useful scripts for those administering Wazuh ☆91 Jan 6, 2026 Updated last month
- SOCFortress CoPilot ☆437 Updated this week
- Wazuh integration TheHive ☆41 Feb 21, 2023 Updated 2 years ago
- Playbooks for SOC Analysts ☆674 Dec 11, 2022 Updated 3 years ago
- ☆41 Aug 26, 2023 Updated 2 years ago
- Open Source SIEM Stack ☆138 Dec 3, 2025 Updated 2 months ago
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service ☆32 Sep 26, 2024 Updated last year
- Convert Sigma rules to Wazuh rules ☆73 Sep 13, 2025 Updated 5 months ago
- Our collection of Wazuh detection rules for our Offense Lab ☆18 Feb 13, 2022 Updated 4 years ago
- Sigma to Wazuh rule converter ☆17 Sep 28, 2025 Updated 4 months ago
- Wazuh - Ruleset ☆504 Sep 19, 2024 Updated last year
- A Ruleset to enhance detection capabilities of Ossec using Sysmon ☆95 Apr 13, 2022 Updated 3 years ago
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. ☆2,183 Updated this week
- Collaborative Incident Response platform ☆1,384 Jan 27, 2026 Updated 3 weeks ago
- IRIS Module for Wazuh-Indexer Searching ☆11 Nov 24, 2023 Updated 2 years ago
- Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads. ☆14,722 Updated this week
- ☆20 Jan 20, 2023 Updated 3 years ago
- Digging Deeper.... ☆3,763 Updated this week
- Main Sigma Rule Repository ☆10,109 Feb 10, 2026 Updated last week
- Repo to hold wazuh manager mcp server ☆74 Sep 22, 2025 Updated 4 months ago
- A repository of sysmon configuration modules ☆2,968 Aug 21, 2024 Updated last year
- Sysmon and wazuh integration with Sigma sysmon rules [updated] ☆71 Jul 21, 2021 Updated 4 years ago
- A configuration to allow Wazuh to communicate with ChatGPT, based on https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integratio… ☆24 Mar 20, 2023 Updated 2 years ago
- Wazuh prometheus exporter ☆35 Jul 4, 2025 Updated 7 months ago
- Tools to integrate 2 great security tools OPNsense and Wazuh ☆31 Aug 26, 2021 Updated 4 years ago
- Tools for Wazuh by Juan C. Tello ☆15 Jan 13, 2022 Updated 4 years ago
- In this project are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde… ☆58 Dec 19, 2025 Updated last month
- ☆22 Mar 1, 2022 Updated 3 years ago
- Open Cyber Threat Intelligence Platform ☆8,212 Updated this week
- ☆20 Oct 17, 2021 Updated 4 years ago
- ☆220 May 9, 2024 Updated last year
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,440 Oct 12, 2025 Updated 4 months ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆3,020 Updated this week
- This is a Project Designed for Security Analysts and all SOC audiences who want to play with implementation and explore the Modern SOC a… ☆720 Sep 23, 2024 Updated last year
- This project is a SIEM with SIRP and Threat Intel, all in one. ☆461 Nov 20, 2024 Updated last year
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork! ☆13 Aug 19, 2022 Updated 3 years ago
- Automated Adversary Emulation Platform ☆6,733 Feb 9, 2026 Updated last week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆2,338 Updated this week
- A Suricata based NDR distribution ☆1,590 Sep 13, 2025 Updated 5 months ago