Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with standardized metadata and threat intelligence to enable automated translation into other languages
☆138Jul 19, 2024Updated last year
Alternatives and similar repositories for Roota
Users that are interested in Roota are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆191Dec 2, 2025Updated 6 months ago
- Malware detonation platform Polygon integration☆10Aug 1, 2023Updated 2 years ago
- ⚠️ ARCHIVED**: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules☆13Mar 19, 2026Updated 2 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles☆18Mar 21, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A repository of my own Sigma detection rules.☆165Nov 25, 2025Updated 6 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆61Mar 12, 2022Updated 4 years ago
- This repo contains example of raw event examples and possible translations to the OCSF schema.☆62Jul 31, 2025Updated 10 months ago
- An opensource sigma conversion tool built using pysigma☆169May 25, 2026Updated 2 weeks ago
- OCSF Schema WEB Server☆60May 1, 2026Updated last month
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆421Jun 3, 2026Updated last week
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules.☆341May 24, 2026Updated 2 weeks ago
- SigmaHQ pySigma CrowdStrike processing pipeline☆31Nov 30, 2025Updated 6 months ago
- A collection of scripts for the purpose of gathering open source intelligence, to be presented at GrayHat, BSides Denver, and Information…☆25Feb 4, 2021Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- Open KLara Project☆37May 18, 2026Updated 3 weeks ago
- Sigma Detection Rule Repository☆93Jun 18, 2020Updated 5 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆14Jan 23, 2024Updated 2 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆433May 21, 2026Updated 2 weeks ago
- ☆57Dec 13, 2025Updated 5 months ago
- An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced sec…☆210Apr 3, 2025Updated last year
- Sigma rules to share with the community☆126Jan 29, 2025Updated last year
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆316Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆1,208Jun 3, 2026Updated last week
- This is a collection of threat detection rules / rules engines that I have come across.☆300May 5, 2024Updated 2 years ago
- Anvilogic Forge☆119Mar 31, 2026Updated 2 months ago
- A detailed list of potentially dangerous file extensions☆18Jun 18, 2025Updated 11 months ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,219Jun 2, 2026Updated last week
- Some of my rough notes for Docker threat detection☆51Aug 26, 2023Updated 2 years ago
- A PowerShell variant of the amazing patch_review.py by kevthehermit☆221Mar 4, 2026Updated 3 months ago
- Active C2 IoCs☆100Nov 28, 2022Updated 3 years ago
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 7 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Framework for Monitoring File Ingestion Source for Yara Matches☆52Mar 10, 2025Updated last year
- ☆14Jun 1, 2026Updated last week
- Adversary Emulation Planner☆40Jan 9, 2026Updated 5 months ago
- Splunk Security Content☆1,638Updated this week
- ☆19Jan 31, 2025Updated last year
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and …☆20Mar 24, 2026Updated 2 months ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆116Jun 2, 2026Updated last week