frack113

sigma_redcanaryco

Knowing which rule should trigger according to the redcannary test

RustMyDetection

Mimic a malware in Rust

sigma

Generic Signature Format for SIEM Systems

WAG

Generating Windows malware Artefacts for detection testing

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

pySigma

Python library and tools to parse and convert Sigma rules into queries (and whatever else you could imagine)

pySigma-backend-splunk

pySigma Splunk backend

sysmon-config

Sysmon configuration file template with default high-quality event tracing

AtomicTestHarnesses

Public Repo for Atomic Test Harness

aurora-helpers

Helper scripts and configs to be used with Aurora Agent

frack113

Config files for my GitHub profile.

LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

pySigma-backend-cortexxdr

pySigma-backend-datadog

Datadog pySigma backend

pySigma-backend-elasticsearch

pySigma Elasticsearch backend

pySigma-backend-insightidr

pySigma-backend-opensearch

pySigma OpenSearch backend

pySigma-backend-QRadar-AQL

QRadar AQL backend for converting Sigma rules to QRadar AQL queries

pySigma-backend-sqlite

pySigma SQlite backend

pySigma-pipeline-sysmon

SigmaHQ pySigma Sysmon processing pipeline

pySigma-pipeline-windows

pySigma-plugin-directory

Directory of pySigma backends

pySigma-validators-sigmaHQ

pySigma-yml-pipeline

Unofficial pySigma Yaml pipeline

sigma-cli

The Sigma command line interface based on pySigma

sigma-mitre

Sigma rules MITRE Heat Map

sigma-specification

Sigma rule specification

sigma_logsource_helper

Small questions to help select the right logsource for effective detection

sigmahq.github.io

Official Website Of The Sigma Project

Zircolite

A standalone SIGMA-based detection tool for EVTX.