u-siem / u-siem-core
Framework definitions that allow to build a custom SIEM.
☆27 Updated last year
Alternatives and similar repositories for u-siem-core
Users that are interested in u-siem-core are comparing it to the libraries listed below
- A Rust library for parsing and evaluating Sigma rules ☆15 Updated 4 months ago
- A cross platform forensic parser written in Rust! ☆96 Updated this week
- Cyber threat intelligence crates for Rust ☆16 Updated last year
- A parser for the MFT (Master File Table) format ☆145 Updated 2 years ago
- Rust bindings for VirusTotal/Yara ☆78 Updated 6 months ago
- Golang library that implements a sigma log rule parser and match engine. ☆100 Updated last year
- FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time al… ☆165 Updated last week
- Artifact collection tool for *nix systems ☆210 Updated last year
- Rust implementation of the DCSO Bloom filter ☆28 Updated 2 months ago
- LOKI2 - Simple IOC and YARA Scanner ☆102 Updated 2 months ago
- Cisco Orbital - Osquery queries by Talos ☆134 Updated last year
- A document tagging library ☆30 Updated 5 months ago
- Signature engine for all your logs ☆171 Updated last year
- A Go implementation and parser for Sigma rules. ☆92 Updated 4 months ago
- SOARCA - The Open Source CACAO-based Security Orchestrator! ☆82 Updated 3 weeks ago
- A Fast (and safe) parser for the Windows XML Event Log (EVTX) format ☆794 Updated last month
- SIEGMA - Transform Sigma rules into SIEM consumables ☆155 Updated 6 months ago
- A forensic evidence acquirer ☆86 Updated 4 years ago
- Zeek-Formatted Threat Intelligence Feeds ☆376 Updated this week
- Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints. ☆319 Updated 5 months ago
- A standard for reducing log volume without sacrificing analytical capability ☆209 Updated 7 months ago
- PAL (Pcap Analysis Library) ☆101 Updated last month
- Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact). ☆416 Updated last year
- An opensource sigma conversion tool built using pysigma ☆133 Updated 3 weeks ago
- Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel. ☆316 Updated 11 months ago
- Threat Hunting & Incident Investigation with Osquery ☆215 Updated 3 years ago
- An implementation of a Windows Event Collector server running on GNU/Linux. ☆77 Updated last week
- An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as… ☆60 Updated 2 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆160 Updated 7 months ago