A generic and open signature format for describing log event detections, shareable across SIEM systems.
A curated list of awesome open-source tools, detection rules, datasets, and resources for threat detection and hunting.
A fast, standalone tool for rapid threat hunting and forensic analysis of Windows event logs and other forensic artefacts.
A Sigma-based threat hunting and fast forensics timeline generator for Windows event logs, written in Rust.
A forensics intelligence platform that bridges CTI and DFIR by storing threat intelligence and enabling bulk observable searches and threat-focused analysis.
A threat hunting tool that analyzes Windows event logs to detect APT movements and suspicious activity using pre-defined rules and statistical analysis.
A standalone Python tool for applying SIGMA detection rules to EVTX, Auditd, Sysmon for Linux, and other log formats.
A framework for executing and detecting cloud attacker TTPs via YAML definitions, generating APIs, Sigma rules, and documentation.
An autonomous open-source security agent for Linux that detects, scores, and automatically responds to threats using eBPF, AI, and collaborative defense.
A PowerShell tool for auditing and configuring Windows event log settings to improve security visibility and detection capabilities.
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.