Advanced behavioral detection rules for blue teams, SOC analysts, and threat hunters. This repo includes handcrafted SIGMA rules aligned with MITRE ATT&CK, focused on real-world adversary tradecraft observed in offensive security operations and malware investigations.

BEWARE - SOME SIGMA CAN BE DANGEROUS!