This repository is a curated collection of Sigma detection rules authored by Matthew Iverson, organized by data source (Windows, Syslog, Zeek). The goal is to provide defenders with a centralized, modular resource for quickly identifying and deploying high-fidelity detections across multiple log types and platforms. While these rules are currently untested, they are based on real-world use cases, mapped to MITRE ATT&CK techniques, and written with clarity and customization in mind.
NONE OF THESE ARE TESTED YET
