This is my main repo for SIGMA, YARA, KQL and other types of query rules for your SIEMs and XDRs!
This repo is made up of several folders, each one holding detection queries for your platform of choice. They are separated by the query language they use!
For example, you will find all of the rules written in the SIGMA format under the "SIGMA" folder.
My team has a detections.ai group named "SIBS Cyberwatch"; that is where I put them out first, and then I go ahead and update this repo based on that.
Link for it: https://detections.ai/share/group/WUYtebPp
At some point we will also add threat hunting reports to this community! And maybe even post on social media of some sort, wink wink.
You can submit a request on this repo at any time, or shoot me an e-mail at remotecodeexecution@remotekingdom.pt. (Yes, I know the e-mail is kinda corny, but idc.)