frack113's repositories
sigma_redcanaryco
Knowing which rule should trigger according to the Red Canary test
RustMyDetection
Mimic malware in Rust
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
pySigma-backend-splunk
pySigma Splunk backend
sysmon-config
Sysmon configuration file template with default high-quality event tracing
AtomicTestHarnesses
Public Repo for Atomic Test Harness
aurora-helpers
Helper scripts and configs to be used with Aurora Agent
LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
pySigma-backend-datadog
Datadog pySigma backend
pySigma-backend-elasticsearch
pySigma Elasticsearch backend
pySigma-backend-opensearch
pySigma OpenSearch backend
pySigma-backend-QRadar-AQL
QRadar AQL backend for converting Sigma rules to QRadar AQL queries
pySigma-backend-sqlite
pySigma SQLite backend
pySigma-pipeline-sysmon
SigmaHQ pySigma Sysmon processing pipeline
pySigma-plugin-directory
Directory of pySigma backends
pySigma-yml-pipeline
Unofficial pySigma YAML pipeline
sigma-cli
The Sigma command line interface based on pySigma
sigma-mitre
Sigma rules MITRE Heat Map
sigma-specification
Sigma rule specification
sigma_logsource_helper
Small questions to help select the right logsource for effective detection
sigmahq.github.io
Official Website Of The Sigma Project
Zircolite
A standalone SIGMA-based detection tool for EVTX.