sigma

There are 7 repositories under sigma topic.

WithSecureLabs / chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
attack blueteam chainsaw countercept detection dfir forensics logs rust security sigma threat-hunting windows
Language:Rust 3356
Yamato-Security / hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
dfir threat hunting windows event logs rust sigma detection attack forensics incident response hayabusa yamato security cybersecurity incident-response security-automation threat-hunting
Language:Rust 2908
Yamato-Security / WELA-deprecated
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）
dfir log analysis forensics incident response sigma windows event logs threat hunting timeline
Language:PowerShell 777
firo
firoorg / firo
The privacy-focused cryptocurrency
asic-resistant blockchain cryptocurrency cryptography lelantus merkle-tree merkle-tree-proof-of-work p2p privacy sigma zcoin zero-knowledge zero-knowledge-proofs zerocoin zkp
Language:C++ 767
wagga40 / Zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
sigma python3 evtx sigma-rules detection auditd sysmon pysigma evtxtract forensics forensics-tools
Language:Python 750
tenzir
tenzir / tenzir
Tenzir is the data pipeline engine for security teams.
incident-response threathunting siem soc security dataops investigation pcap secdataops netflow suricata zeek pipelines sigma hacktoberfest
Language:C++ 705
Yamato-Security / EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
auditing dfir event forensics hayabusa logs monitoring security sigma sysmon windows
Language:Batchfile 639
sdiehl / bulletproofs
Bulletproofs are short non-interactive zero-knowledge proofs that require no trusted setup
cryptography zero-knowledge range-proofs zksnarks pedersen-commitment sigma elliptic-curves zk-snarks bulletproofs
Language:Haskell 544
V1D1AN / S1EM
This project is a SIEM with SIRP and Threat Intel, all in one.
kibana elasticsearch logstash filebeat suricata zeek opencti misp malware sigma thehive docker cortex arkime mwdb n8n zircolite yara velociraptor
Language:Shell 463
mdecrevoisier / SIGMA-detection-rules
Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques
sigma windows mitre-attack threat-hunting powershell
392
Yamato-Security / hayabusa-rules
Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
windows dfir event log analysis sigma hayabusa mitre attack
Language:Python 203
socprime / SigmaUI
SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
elastic elasticsearch elk-stack kibana kibana-plugin sigma
Language:Python 189
programming-languages-influence
yaph / programming-languages-influence
Code to retrieve data for the programming languages influence visualizations from Freebase
computer-science data-visualization freebase graph influence network network-analysis programming-languages python sigma visualization
Language:Python 187
nasbench / SIGMA-Resources
Resources To Learn And Understand SIGMA Rules
sigma rules detection detection-engineering sigma-rules resources learning windows linux awesome
181
UncoderIO / Uncoder_IO
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
datalake edr roota siem sigma threathunting translation xdr uncoder uncoderio
Language:Python 165
SIEGMA
3CORESec / SIEGMA
SIEGMA - Transform Sigma rules into SIEM consumables
sigma detection-engineering siem security data-driven
Language:Python 157
Yamato-Security / suzaku
Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
aws azure detection dfir engineering entra forensics gcp hunting id incident log monitoring response security sigma threat
Language:Rust 153
ThinkingTransistor / Sigma
Rocket powered machine learning. Create, compare, adapt, improve - artificial intelligence at the speed of thought.
artificial-intelligence artificial-neural-networks deep-learning framework gpu learning learninghowcomputerslearn machine machine-learning neural-network sigma
Language:C# 120
northsh / detection.studio
Convert Sigma rules to SIEM queries, directly in your browser.
detection rules siem sigma sigmahq
Language:Vue 95
JPEGView-Static
annh9b / JPEGView-Static
JPEGView-Static Absolute Image Viewer for Windows supports nearly ALL image file formats, including too old and too new ones, so it is called Absolute.
jpeg png tiff editor viewer windows tiny bmp jpg statically-linked webp camera-raw canon dng fuji nikon sigma sony
Language:C++ 93
sigma-go
bradleyjkemp / sigma-go
A Go implementation and parser for Sigma rules.
sigma detection-engineering
Language:Go 92
SecurityRiskAdvisors / TALR
Threat Alert Logic Repository
siem stix taxii sigma
Language:Shell 92
3CORESec / S2AN
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
sigma threat-hunting threat-modeling mitre-attack sigma-rules suricata suricata-rules
Language:C# 89
AttackIQ / SigmAIQ
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
detection-engineering langchain llm python3 security security-tools sigma sigma-rules
Language:Python 86
sigmai
0xThiebaut / sigmai
Import specific data sources into the Sigma generic and open signature format.
security monitoring siem logging signatures ids misp sigma
Language:Go 78
sdiehl / schnorr-nizk
Schnorr Protocol for Non-interactive Zero-Knowledge Proofs
commitment cryptography schnorr-protocol sigma zero-knowledge
Language:Haskell 76
sametsazak / sysmon
Sysmon and wazuh integration with Sigma sysmon rules [updated]
wazuh sysmon ossec security-tools security sysmon-config wazuh-manager sigma
70
rohaquinlop / automathon
A Python library for simulating and visualizing finite automata
automata dfa epsilon-nfa nfa pypi python python-automaton python-library python3 sigma visualization
Language:Python 68
lvpp / sigma
LVPP sigma-profile database + COSMO-SAC parametrizations
activity cosmo cosmo-rs cosmo-sac database f-sac gamess mopac sigma unifac
Language:Python 66
alx / parasol
A network graph exploration tool
sigma react network-graph visualization
Language:JavaScript 64
3CORESec / Automata
Automatic detection engineering technical state compliance
sigma caldera detection detection-engineering
Language:Python 55
calebstewart / python-sigma
Python API for interacting with sigma rules.
cyber security blueteam detection sigma
Language:Python 54
Loginsoft-LLC / threat-detection-rules
Threat Detection & Anomaly Detection rules for popular open-source components
siem threat-detection sigma elasticsearch anomaly-detection threat-hunting splunk
53
M3NIX / sigmaio
simple webapp for converting sigma rules into siem queries using the pySigma library
detection-engineering pysigma sigma splunk
Language:HTML 51
lprat / static_file_analysis
Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
analysis yara-rules clamav malware-analysis security-tools security static-analysis defensive-security sigma yara docker
Language:YARA 50
grafana / pySigma-backend-loki
pySigma backend for generating Grafana Loki/LogQL rules
loki siem sigma
Language:Python 47