u-siem / u-siem-core
Framework definitions for building a custom SIEM.
☆27 · Updated 11 months ago
Alternatives and similar repositories for u-siem-core
Users interested in u-siem-core are comparing it to the repositories listed below.
- A Rust library for parsing and evaluating Sigma rules ☆14 · Updated 3 months ago
- A cross-platform forensic parser written in Rust ☆93 · Updated this week
- Cyber threat intelligence crates for Rust ☆16 · Updated last year
- A parser for the MFT (Master File Table) format ☆145 · Updated 2 years ago
- Rust bindings for VirusTotal/YARA ☆78 · Updated 6 months ago
- Rust implementation of the DCSO Bloom filter ☆28 · Updated last month
- Go library that implements a Sigma log rule parser and match engine ☆98 · Updated last year
- A document tagging library ☆30 · Updated 5 months ago
- LOKI2 - Simple IOC and YARA scanner ☆102 · Updated 2 months ago
- A Rust library for managing eBPF programs ☆120 · Updated last year
- FIM is an open-source host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real-time al… ☆163 · Updated 3 weeks ago
- MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery ☆52 · Updated this week
- An implementation of a Windows Event Collector server running on GNU/Linux ☆77 · Updated last week
- Artifact collection tool for *nix systems ☆210 · Updated last year
- Cisco Orbital - osquery queries by Talos ☆134 · Updated last year
- A Go implementation and parser for Sigma rules ☆90 · Updated 3 months ago
- (no description) ☆222 · Updated last year
- Signature engine for all your logs ☆171 · Updated last year
- A fast (and safe) parser for the Windows XML Event Log (EVTX) format ☆790 · Updated last week
- SIEGMA - Transform Sigma rules into SIEM consumables ☆154 · Updated 5 months ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system ☆291 · Updated 3 months ago
- Safe and performant YARA rules evaluator in Rust ☆66 · Updated last week
- OSSEM Detection Model ☆177 · Updated 2 years ago
- An open-source Sigma conversion tool built using pySigma ☆133 · Updated last week
- SOARCA - The open-source CACAO-based security orchestrator ☆78 · Updated this week
- Dettectinator - The Python library for your DeTT&CT YAML files ☆116 · Updated 4 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆156 · Updated 6 months ago
- Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact) ☆415 · Updated last year
- PAL (Pcap Analysis Library) ☆102 · Updated last month
- Automated YARA rule standardization and quality assurance tool ☆239 · Updated this week