theflakes / StoW
Sigma to Wazuh rule converter
☆17 · Updated last month
Alternatives and similar repositories for StoW
Users that are interested in StoW are comparing it to the libraries listed below
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service · ☆30 · Updated last year
- Personal scripts · ☆15 · Updated last year
- Convert Sigma rules to Wazuh rules · ☆73 · Updated last month
- (no description) · ☆21 · Updated this week
- (no description) · ☆39 · Updated 2 years ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor · ☆112 · Updated 3 years ago
- Automation tool for Windows Deception Host Burn-In · ☆86 · Updated 10 months ago
- (no description) · ☆19 · Updated 4 years ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … · ☆131 · Updated last year
- VirtualGHOST Detection Tool · ☆95 · Updated last year
- Sysmon and wazuh integration with Sigma sysmon rules [updated] · ☆70 · Updated 4 years ago
- 🛡️ VIPER: Stay ahead of threats with AI-driven vulnerability intelligence. Prioritize CVEs effectively using NVD, EPSS, CISA KEV, and Go… · ☆78 · Updated 2 months ago
- Mapping of open-source detection rules and atomic tests. · ☆178 · Updated 9 months ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. · ☆57 · Updated 4 months ago
- Docker image for Velocidex Velociraptor · ☆138 · Updated 7 months ago
- DShield Sensor Log Collection with ELK · ☆42 · Updated last month
- (no description) · ☆17 · Updated 4 years ago
- Import CrowdStrike Threat Intelligence into your instance of MISP · ☆48 · Updated 4 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. · ☆164 · Updated 3 weeks ago
- (no description) · ☆19 · Updated 2 years ago
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools… · ☆122 · Updated last month
- Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ… · ☆54 · Updated 4 years ago
- OpenCTI–Wazuh connector looking for indicators in Wazuh and creating sightings · ☆21 · Updated last year
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. · ☆159 · Updated 6 months ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch · ☆76 · Updated 2 weeks ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations · ☆97 · Updated 2 months ago
- Convert Sigma rules to SIEM queries, directly in your browser. · ☆96 · Updated this week
- A collection of various SIEM rules relating to malware family groups. · ☆70 · Updated last year
- Repo to hold wazuh manager mcp server · ☆62 · Updated last month
- (no description) · ☆96 · Updated last week