rsigma 0.18.0

CLI for parsing, validating, linting and evaluating Sigma detection rules
{
  "name": "rsigma coverage",
  "versions": {
    "attack": "16",
    "navigator": "5.0.0",
    "layer": "4.5"
  },
  "domain": "enterprise-attack",
  "description": "Rule coverage generated by rsigma; score = number of rules per technique (4 techniques).",
  "sorting": 3,
  "hideDisabled": false,
  "gradient": {
    "colors": [
      "#ffffcc",
      "#fd8d3c",
      "#bd0026"
    ],
    "minValue": 0,
    "maxValue": 1
  },
  "techniques": [
    {
      "techniqueID": "T1047",
      "score": 1,
      "comment": "WMI",
      "enabled": true
    },
    {
      "techniqueID": "T1059",
      "score": 1,
      "comment": "Cmd",
      "enabled": true,
      "showSubtechniques": true
    },
    {
      "techniqueID": "T1059.001",
      "score": 1,
      "comment": "PowerShell",
      "enabled": true
    },
    {
      "techniqueID": "T1218.001",
      "score": 1,
      "comment": "Rundll32",
      "enabled": true
    }
  ]
}