sigma

Rapidly Search and Hunt through Windows Forensic Artefacts

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

The privacy-focused cryptocurrency

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

Tenzir is the data pipeline engine for security teams.

Documentation and scripts to properly enable Windows event logs.

Bulletproofs are short non-interactive zero-knowledge proofs that require no trusted setup

This project is a SIEM with SIRP and Threat Intel, all in one.

Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques

SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)

Code to retrieve data for the programming languages influence visualizations from Freebase

Resources To Learn And Understand SIGMA Rules

Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

SIEGMA - Transform Sigma rules into SIEM consumables

Rocket powered machine learning. Create, compare, adapt, improve - artificial intelligence at the speed of thought.

Threat Alert Logic Repository

A Go implementation and parser for Sigma rules.

S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator