Useful Sigma SIEM Detection Rules for SecurityOnion, Wazuh and more ... - C2RT/Sigma

Convert Sigma rules to SIEM queries, directly in your browser. - northsh/detection.studio

Contribute to LevaAverGit/mini-siem-detection-lab-v2 development by creating an account on GitHub.

Convert Sigma detection rules to production-ready Wazuh XML. CLI tool with batch processing, ZIP input, field mapping, and config file support. - heraclescap/sigwaz-cli

A detections-as-code repository implementing open-source Sigma rules and structured Wazuh SIEM JSON telemetry alerts. Orchestrates a local Python automation engine to ingest rule-matched alert bloc...

cybersecurity soc ransomware mitre-attack sigma threat-detection siem machine-learning python blue-team - vkmahalakshmi03/hybrid-ransomware-detection

A GitHub Action-based uploader that automatically syncs Sigma detection rules from the SigmaHQ repository to the SIEM Rules. - muchdogesec/sigmahq2siemrules

A Python toolkit for first-level SOC triage: failed login detection, IOC matching, Nmap exposure parsing, IAM risk triage, JSON findings, Markdown reports, and automated tests. - sanyasachdeva1/pyt...

ESLint-style linter for Sigma detection rules. Validates against Sigma 2.1.0, scores rules across six quality dimensions, emits stable rule IDs. - ni5h4nt/sigmalint

Flipper Zero BadUSB payloads paired with SIGMA detection rules and KQL hunting queries - descambiado/flipper-purple-team

Repository for auto update and convert sigma rules to clicksiem - clicksiem/sigma_rules

Tenzir is the data pipeline engine for security teams. - tenzir/tenzir

Generate, validate, and convert Sigma rules to six SIEM query languages and Detection-as-Code JSON with a vendor-agnostic Flask UI and CLI - Unaddicted-swisspine980/SigmaForge

A collection of detection rules and hunting queries for various SIEM and EDR platforms, including Sigma, Elastic, Splunk, and Wazuh. - wahidhendrawan/Detection-Rules

From the headlines to the SIEM: daily detection content built from public threat intel — Sigma, KQL, SPL, YARA — with attribution, ATT&CK mapping, and false-positive notes. - javierDAW/dete...

AI-Powered SIEM Platform is a cybersecurity solution that monitors and analyzes security logs in real time. It uses AI, machine learning, and Sigma rules to detect threats, generate alerts, and aut...

DFIR catalog: 6,551 forensic artifacts, LOL/LOFL binaries, abusable sites — query via 4n6query CLI or Rust library - SecurityRonin/forensicnomicon

Browse, search, and outline regulation documents with Word numbering support for .docx, .doc, .txt, and PDF files - Lowsodiumdietdevotional330/RuleScope

SIEM 형태의 보안 로그 수집 / 검색 / 알람 플랫폼 (ECS / OCSF + OpenSearch + ClickHouse + Kafka + Flink + 멀티테넌트 + ISMS-P) - ssa1004/security-log-search

A complete Sigma detection toolkit: parser, linter, evaluator, correlation engine, conversion framework, streaming daemon, and LSP server :crab: - timescale/rsigma