#siem
Everything across writeups and projects that touches this topic.
Projects
builds & tooling
- Python · Defensive Security
  BlueStack — SIEM-in-a-Box for the B0bTheSkull Blue-Team Toolkit
  A pre-wired ELK stack that ingests JSON from four custom blue-team tools, normalizes severity, tags events to MITRE ATT&CK techniques, and surfaces everything in Kibana — one command to stand up.
- Python · Detection Engineering
  SigmaForge — Sigma Rule Writer, Validator, and Multi-Backend Converter
  A CLI tool that wraps the pySigma ecosystem to validate, inspect, and convert Sigma detection rules to SIEM query languages during the authoring loop.
