Detection-Wizard is designed to simplify rule management and enhance threat detection capabilities. It is a GUI tool that consolidates detection rules from multiple sources into a single central repository, whether you're working with YARA, Suricata, Sigma, Sysmon, QRadar or Splunk. IOC support has also been added so you can manage your infrastructure before and after an attack and see your security posture.
- Multi-Tool Support:
  - 98,000+ YARA files
  - 2,300,000+ YARA rules
  - 350+ Suricata files
  - 7,000+ Sigma files
  - 7 Sysmon configuration files
- SIEMs:
  - Splunk: Detection configurations for Splunk environments. 📈
  - QRadar: Detections for IBM QRadar SIEM
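To make the consolidation step concrete, here is an added example (not Detection-Wizard's own code) of the minimal parsing logic a central rule repository needs: it pulls rule names and identifiers out of YARA, Suricata and Sigma text with the standard library only and merges them into one deduplicated index. The three sample rule sets, the `RuleRecord` type and the function names are all constructed for this illustration.

```python
"""Minimal multi-format detection-rule indexer (added example, not the
Detection-Wizard project's code).  Sample rules below are constructed."""
import re
from dataclasses import dataclass

# --- constructed sample inputs -------------------------------------------
YARA_SAMPLE = r'''
rule Example_Dropper_Strings : trojan
{
    meta:
        description = "constructed example rule"
    strings:
        $a = "example-string-one"
        $b = { 4D 5A 90 00 }
    condition:
        any of them
}

private rule Helper_PE_Header
{
    condition:
        uint16(0) == 0x5A4D
}
'''

SURICATA_SAMPLE = r'''
# constructed example rules
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"EXAMPLE HTTP beacon"; flow:established,to_server; content:"/example"; http_uri; sid:9000001; rev:1;)
alert dns any any -> any any (msg:"EXAMPLE suspicious DNS query"; dns.query; content:"example-c2"; sid:9000002; rev:2;)
'''

SIGMA_SAMPLE = r'''
title: Example Suspicious PowerShell Download
id: 00000000-0000-0000-0000-000000000001
status: test
logsource:
    product: windows
    category: process_creation
detection:
    selection:
        CommandLine|contains: 'DownloadString'
    condition: selection
level: medium
'''


@dataclass(frozen=True)
class RuleRecord:
    """One entry in the central repository (hypothetical schema)."""
    source: str   # "yara" | "suricata" | "sigma"
    name: str     # rule name, msg text, or Sigma title
    rule_id: str  # Suricata sid / Sigma uuid; "" where the format has none


# YARA: optional 'private'/'global' modifiers, then 'rule <identifier>'.
YARA_RULE_RE = re.compile(r'^\s*(?:(?:private|global)\s+)*rule\s+([A-Za-z_][A-Za-z0-9_]*)', re.M)


def parse_yara(text):
    return [RuleRecord("yara", m.group(1), "") for m in YARA_RULE_RE.finditer(text)]


# Suricata: one rule per line; msg:"..." may contain escaped quotes.
SURICATA_MSG_RE = re.compile(r'msg:\s*"((?:[^"\\]|\\.)*)"')
SURICATA_SID_RE = re.compile(r'\bsid:\s*(\d+)')


def parse_suricata(text):
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith('#'):
            continue  # blank lines and comments carry no rule
        msg, sid = SURICATA_MSG_RE.search(line), SURICATA_SID_RE.search(line)
        if msg and sid:
            records.append(RuleRecord("suricata", msg.group(1), sid.group(1)))
    return records


# Sigma: YAML documents separated by '---'; we only need title and id.
SIGMA_TITLE_RE = re.compile(r'^title:\s*(.+?)\s*$', re.M)
SIGMA_ID_RE = re.compile(r'^id:\s*([0-9a-fA-F-]{36})\s*$', re.M)


def parse_sigma(text):
    records = []
    for doc in re.split(r'^---\s*$', text, flags=re.M):
        title = SIGMA_TITLE_RE.search(doc)
        if not title:
            continue  # document without a title is not a rule
        rid = SIGMA_ID_RE.search(doc)
        records.append(RuleRecord("sigma", title.group(1), rid.group(1) if rid else ""))
    return records


PARSERS = {"yara": parse_yara, "suricata": parse_suricata, "sigma": parse_sigma}


def build_repository(sources):
    """sources: iterable of (format, text).  Returns deduplicated RuleRecords
    in first-seen order, so re-importing the same feed does not duplicate rules."""
    seen, repo = set(), []
    for fmt, text in sources:
        for rec in PARSERS[fmt](text):
            if rec not in seen:
                seen.add(rec)
                repo.append(rec)
    return repo


def summarize(repo):
    """Per-source rule counts, the figure a rule dashboard would display."""
    counts = {}
    for rec in repo:
        counts[rec.source] = counts.get(rec.source, 0) + 1
    return counts


if __name__ == "__main__":
    repo = build_repository([("yara", YARA_SAMPLE), ("suricata", SURICATA_SAMPLE),
                             ("sigma", SIGMA_SAMPLE)])
    for rec in repo:
        print(f"{rec.source:9} {rec.rule_id:38} {rec.name}")
    print(summarize(repo))
```

The regex extraction is deliberately shallow: it is enough to index and count rules, but a production repository should hand each file to the format's real parser (yara-python, a YAML loader for Sigma, Suricata's own rule loader) so that malformed or truncated rules are rejected rather than silently miscounted.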
Contributions are welcome! Whether you have suggestions for new sources, improvements in parsing logic, or additional features, please feel free to open an issue or submit a pull request. 💡