sigma

Rapidly Search and Hunt through Windows Forensic Artefacts

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

The privacy-focused cryptocurrency

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

Tenzir is the data pipeline engine for security teams.

Documentation and scripts to properly enable Windows event logs.

Bulletproofs are short non-interactive zero-knowledge proofs that require no trusted setup

This project is a SIEM with SIRP and Threat Intel, all in one.

Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques

Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.

SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)

Code to retrieve data for the programming languages influence visualizations from Freebase

Resources To Learn And Understand SIGMA Rules

An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

SIEGMA - Transform Sigma rules into SIEM consumables

Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.

Rocket powered machine learning. Create, compare, adapt, improve - artificial intelligence at the speed of thought.

Convert Sigma rules to SIEM queries, directly in your browser.

Threat Alert Logic Repository