Sigma detection rules for hunting with the threathunting-keywords project

mthcht/ThreatHunting-Keywords-sigma-rules

ThreatHunting-Keywords-sigma-rules

Low-quality Sigma detection rules for hunting with the threat hunting keywords from the ThreatHunting-Keywords project.

You can regenerate all the rules with your own field names by adjusting the field variables in this script: https://github.com/mthcht/ThreatHunting-Keywords-sigma-rules/blob/main/_utils/create_sigma_rules.py

The rules were developed as an alternative for XDR/SIEM systems that operate exclusively with Sigma files, working around the limitation of not being able to use lookup tables.
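The following is an added sketch of the idea, not the project's `create_sigma_rules.py` (whose variables and input format are not shown on this page): it expands a keyword list into one Sigma rule per tool across a configurable set of fields, which is what stands in for a lookup table. The field names, sample keywords, log source and function names are assumptions constructed for illustration.

```python
import uuid

# Assumed field names for a process-creation log source; swap in your SIEM's own.
FIELDS = ["CommandLine", "Image", "ParentCommandLine"]

# Constructed sample input: tool name -> keywords carrying their own wildcards.
KEYWORDS = {
    "exampletool": ["*exampletool.exe*", "*--dump-creds*", "*it's-a-test*"],
}


def yaml_quote(value):
    """Single-quote a YAML scalar so '*', ':' and '#' stay literal."""
    return "'" + value.replace("'", "''") + "'"


def build_rule(tool, keywords, fields=FIELDS, level="low"):
    """Return one Sigma rule (YAML text) matching any keyword in any field."""
    # Deduplicate in order; drop empty or wildcard-only keywords (match-all).
    values = [k for k in dict.fromkeys(keywords) if k.strip("* ")]
    if not values:
        raise ValueError(f"no usable keywords for {tool!r}")
    # Deterministic id so regenerating with new fields keeps the rule identity.
    rule_id = uuid.uuid5(uuid.NAMESPACE_URL, f"hunting-keywords/{tool}")
    lines = [
        f"title: {yaml_quote('Hunting keywords: ' + tool)}",
        f"id: {rule_id}",
        "status: experimental",
        "logsource:",
        "    category: process_creation",  # assumed log source
        "detection:",
    ]
    for field in fields:
        # Selection names must be plain identifiers, field names may contain dots.
        sel = "".join(c if c.isalnum() else "_" for c in field)
        lines.append(f"    selection_{sel}:")
        lines.append(f"        {field}:")
        lines += [f"            - {yaml_quote(v)}" for v in values]
    lines += ["    condition: 1 of selection_*", f"level: {level}"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    for tool, kws in KEYWORDS.items():
        print(build_rule(tool, kws))
```

Passing a different `fields` list (for example an ECS-style `process.command_line`) regenerates the same rule, with the same id, for another schema.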