Awesome Security lists for SOC/CERT/CTI

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Main Sigma Rule Repository

Lead Security Engineer

Free and open log management

Awesome list of keywords and artifacts for Threat Hunting sessions

SEKOIA.IO Documentation - The Intelligence-Driven SaaS SIEM

Open source security data pipelines.

Some custom integrations for Wazuh SIEM

Kaspersky Security Center: custom decoders and rules for Wazuh SIEM

In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (a SIEM tool).

An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

Deploying the open-source SIEM/EDR solution, Wazuh and stress testing the capabilities of the platform.

AI Ruleness OT SIEM for ICS

Intrusion detection and active response

A comprehensive collection of tools, scripts, and documentation for managing and utilizing the ELK (Elasticsearch, Logstash, Kibana) stack effectively. This repository compiles information and best practices from several authoritative sources, providing a centralized resource for deploying and maintaining the ELK stack.

Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence

Правила корреляции и нормализаторы для KUMA

Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.