Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
☆1,239 · Feb 23, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for Wazuh-Rules
Users that are interested in Wazuh-Rules are comparing it to the libraries listed below
- Useful scripts for those administering Wazuh ☆93 · Jan 6, 2026 · Updated 2 months ago
- SOCFortress CoPilot ☆439 · Updated this week
- Wazuh integration TheHive ☆41 · Feb 21, 2023 · Updated 3 years ago
- Playbooks for SOC Analysts ☆684 · Dec 11, 2022 · Updated 3 years ago
- ☆41 · Aug 26, 2023 · Updated 2 years ago
- Open Source SIEM Stack ☆140 · Feb 11, 2026 · Updated 3 weeks ago
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service ☆32 · Sep 26, 2024 · Updated last year
- Convert Sigma rules to Wazuh rules ☆74 · Sep 13, 2025 · Updated 5 months ago
- Our collection of Wazuh detection rules for our Offense Lab ☆18 · Feb 13, 2022 · Updated 4 years ago
- Sigma to Wazuh rule converter ☆18 · Sep 28, 2025 · Updated 5 months ago
- Wazuh - Ruleset ☆508 · Sep 19, 2024 · Updated last year
- A Ruleset to enhance detection capabilities of Ossec using Sysmon ☆96 · Apr 13, 2022 · Updated 3 years ago
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. ☆2,208 · Updated this week
- Collaborative Incident Response platform ☆1,429 · Feb 16, 2026 · Updated 3 weeks ago
- IRIS Module for Wazuh-Indexer Searching ☆11 · Nov 24, 2023 · Updated 2 years ago
- Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads. ☆14,881 · Updated this week
- ☆20 · Jan 20, 2023 · Updated 3 years ago
- Digging Deeper.... ☆3,799 · Updated this week
- Main Sigma Rule Repository ☆10,156 · Mar 2, 2026 · Updated last week
- Repo to hold wazuh manager mcp server ☆74 · Sep 22, 2025 · Updated 5 months ago
- A repository of sysmon configuration modules ☆2,987 · Aug 21, 2024 · Updated last year
- Sysmon and wazuh integration with Sigma sysmon rules [updated] ☆72 · Jul 21, 2021 · Updated 4 years ago
- A configuration to allow Wazuh to communicate with ChatGPT, based on https://loggar.hashnode.dev/augmenting-wazuh-with-chatgpt-integratio… ☆24 · Mar 20, 2023 · Updated 2 years ago
- Wazuh prometheus exporter ☆35 · Jul 4, 2025 · Updated 8 months ago
- Tools to integrate 2 great security tools OPNsense and Wazuh ☆31 · Aug 26, 2021 · Updated 4 years ago
- Tools for Wazuh by Juan C. Tello ☆15 · Jan 13, 2022 · Updated 4 years ago
- In this project are custom-decoders and custom-rules for Wazuh by me. Feel free to use it, you can redistribute it and/or modify it unde… ☆60 · Updated this week
- ☆22 · Mar 1, 2022 · Updated 4 years ago
- Open Cyber Threat Intelligence Platform ☆8,960 · Updated this week
- ☆20 · Oct 17, 2021 · Updated 4 years ago
- Rapidly Search and Hunt through Windows Forensic Artefacts ☆3,460 · Mar 2, 2026 · Updated last week
- ☆221 · May 9, 2024 · Updated last year
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆3,051 · Feb 24, 2026 · Updated last week
- This is a Project Designed for Security Analysts and all SOC audiences who want to play with implementation and explore the Modern SOC a… ☆722 · Sep 23, 2024 · Updated last year
- This project is a SIEM with SIRP and Threat Intel, all in one. ☆461 · Nov 20, 2024 · Updated last year
- Automated Adversary Emulation Platform ☆6,795 · Updated this week
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork! ☆13 · Aug 19, 2022 · Updated 3 years ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆2,347 · Feb 19, 2026 · Updated 2 weeks ago
- Small and highly portable detection tests based on MITRE's ATT&CK. ☆11,632 · Mar 2, 2026 · Updated last week