#Sigma-rules
Showing 11 of 11 repositories tagged #sigma-rules, ranked by stars
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
Local safety layer for AI agents that use the terminal. Screens risky commands and MCP/tool calls, watches Linux activity with eBPF, blocks dangerous behavior, and keeps audit trails local. Open source, self-hosted, dry-run by default.
BlackBerry Threat Research & Intelligence
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
Open-source security platform for AI agents -- audits skills before install, monitors 24/7, shares threat intelligence across all users. | AI Agent 開源安全平台 -- 安裝前審計 skill、24/7 即時監控、社群共享威脅情報。
Complete Claude skills toolkit for professional malware analysis. 5 specialized skills covering triage, dynamic analysis, detection engineering, and reporting. Works with REMnux/FlareVM offline environments.
Open source HIDS tailored for Microsoft Windows and Active Directory
MCP server with 55 security intelligence tools — CVE/KEV, MITRE ATLAS+D3FEND, Sigma detection rules, email security posture (SPF/DMARC), domain & web intel, threat intel.
AI-driven automated threat analysis pipeline that routes files, URLs, IPs, domains, or images through specialized security analyzers and generates professional PWNDoc reports with integrated YARA and Sigma rule.
Convert Sigma Rules to different formats
🦅 ZeroScout: The Autonomous Local & Cloud Threat Hunter. Visualize attacks in a live War Room, identify APT groups via Genetic Analysis, and auto-generate defense rules (YARA/SIGMA). DFIR & Malware Analysis Framework.