socfortress/Wazuh-Rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

socfortress/Wazuh-Rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/socfortress/Wazuh-Rules)

Close

socfortress / Wazuh-RulesView on GitHubMore

• External links
• Readme badge

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!

☆1,284Mar 11, 2026Updated last month

Alternatives and similar repositories for Wazuh-Rules

Users that are interested in Wazuh-Rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• branchnetconsulting / wazuh-tools

  View on GitHub
  Useful scripts for those administering Wazuh
  ☆95Jan 6, 2026Updated 3 months ago
• socfortress / CoPilot

  View on GitHub
  SOCFortress CoPilot
  ☆461Updated this week
• socfortress / SOCFortress-Threat-Intel

  View on GitHub
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆33Sep 26, 2024Updated last year
• crow1011 / wazuh2thehive

  View on GitHub
  Wazuh integration TheHive
  ☆42Feb 21, 2023Updated 3 years ago
• socfortress / iris-wazuhindexer-module

  View on GitHub
  IRIS Module for Wazuh-Indexer Searching
  ☆12Nov 24, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• socfortress / Playbooks

  View on GitHub
  Playbooks for SOC Analysts
  ☆701Dec 11, 2022Updated 3 years ago
• theflakes / sigma_to_wazuh

  View on GitHub
  Convert Sigma rules to Wazuh rules
  ☆76Sep 13, 2025Updated 7 months ago
• socfortress / OSSIEM

  View on GitHub
  Open Source SIEM Stack
  ☆144Apr 1, 2026Updated 2 weeks ago
• juaromu / wazuh-opencti

  View on GitHub
  ☆43Aug 26, 2023Updated 2 years ago
• wazuh / wazuh-ruleset

  View on GitHub
  Wazuh - Ruleset
  ☆513Sep 19, 2024Updated last year
• 0xbad53c / wazuh-detection-rules

  View on GitHub
  Our collection of Wazuh detection rules for our Offense Lab
  ☆19Feb 13, 2022Updated 4 years ago
• wazuh / wazuh

  View on GitHub
  Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
  ☆15,284Updated this week
• Hestat / ossec-sysmon

  View on GitHub
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆97Apr 13, 2022Updated 4 years ago
• AnonymousWP / Wazuh-ChatGPT-integration

  View on GitHub
  A configuration to allow Wazuh to communicate with ChatGPT, based on https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integratio…
  ☆25Mar 20, 2023Updated 3 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• bayusky / wazuh-custom-rules-and-decoders

  View on GitHub
  In this projects are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde…
  ☆62Mar 7, 2026Updated last month
• Shuffle / Shuffle

  View on GitHub
  Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
  ☆2,240Apr 10, 2026Updated last week
• juaromu / wazuh-misp

  View on GitHub
  ☆20Jan 20, 2023Updated 3 years ago
• socfortress / wazuh-mcp-server

  View on GitHub
  Repo to hold wazuh manager mcp server
  ☆79Sep 22, 2025Updated 6 months ago
• theflakes / StoW

  View on GitHub
  Sigma to Wazuh rule converter
  ☆21Sep 28, 2025Updated 6 months ago
• dfir-iris / iris-web

  View on GitHub
  Collaborative Incident Response platform
  ☆1,465Apr 8, 2026Updated last week
• cloudfence / opnsense-wazuh

  View on GitHub
  Tools to integrate 2 great security tools OPNsense and Wazuh
  ☆32Aug 26, 2021Updated 4 years ago
• pyToshka / wazuh-prometheus-exporter

  View on GitHub
  Wazuh prometheus exporter
  ☆36Jul 4, 2025Updated 9 months ago
• OpenSecureCo / Wazuh-Rules-1

  View on GitHub
  Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
  ☆13Aug 19, 2022Updated 3 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• misje / wazuh-opencti

  View on GitHub
  Wazuh extension looking up alert data against indicators in OpenCTI threat intel
  ☆21Feb 4, 2024Updated 2 years ago
• sametsazak / sysmon

  View on GitHub
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆73Jul 21, 2021Updated 4 years ago
• juaromu / wazuh-nmap

  View on GitHub
  ☆23Mar 1, 2022Updated 4 years ago
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,309Apr 1, 2026Updated 2 weeks ago
• juaromu / wazuh

  View on GitHub
  ☆21Oct 17, 2021Updated 4 years ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆3,016Aug 21, 2024Updated last year
• Velocidex / velociraptor

  View on GitHub
  Digging Deeper....
  ☆3,903Updated this week
• tguard-soc-package / nusantara

  View on GitHub
  ☆221May 9, 2024Updated last year
• jctello / JCT-Wazuh

  View on GitHub
  Tools for Wazuh by Juan C. Tello
  ☆16Jan 13, 2022Updated 4 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• socfortress / ASK-SOCFortress

  View on GitHub
  Your Open-Source SOC Assistant
  ☆12Apr 5, 2023Updated 3 years ago
• nateuribe / Wazuh-IRIS-integration

  View on GitHub
  (Unofficial) Wazuh integration to send alerts to IRIS.
  ☆23Jan 1, 2025Updated last year
• wazuh / wazuh-docker

  View on GitHub
  Wazuh - Docker containers
  ☆1,075Updated this week
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,509Apr 1, 2026Updated 2 weeks ago
• OpenCTI-Platform / opencti

  View on GitHub
  Open Cyber Threat Intelligence Platform
  ☆9,149Updated this week
• averydiversifiedtech / ossec-wazuh-manager-zabbix

  View on GitHub
  Zabbix Templates and scripts to monitor OSSEC or Wazuh Manager Intrusion Detection
  ☆16Sep 18, 2025Updated 7 months ago
• socfortress / iris-velociraptorartifact-module

  View on GitHub
  IRIS Module to Run Any Velociraptor Artifact
  ☆15Mar 31, 2023Updated 3 years ago