Pull requests: SigmaHQ/sigma
Fix FP Forest-Blizzard/proc_creation_win_apt_forest_blizzard_activity
Emerging-Threats
Rules
#4851
opened May 11, 2024 by
frack113
Cleanup condition writing
Rules
Windows
Pull request add/update windows related rules
#4850
opened May 11, 2024 by
frack113
Create proc_creation_win_veeam_cve_2024_29212.yml
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4848
opened May 10, 2024 by
prashanthpulisetti
Suspicious Browser Launch
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4840
opened Apr 30, 2024 by
skaynum
Kapeka backdoor sigma rules
Emerging-Threats
Rules
Work In Progress
Some changes are needed
#4831
opened Apr 22, 2024 by
swachchhanda000
LOLBAS wbadmin rule
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4830
opened Apr 20, 2024 by
frack113
Suspicious keyscrambler child process
Rules
Windows
Pull request add/update windows related rules
#4818
opened Apr 15, 2024 by
swachchhanda000
New Rule: proc_creation_macos_sysctl_discovery.yml
MacOS
Pull request add/update macos related rules
Rules
Work In Progress
Some changes are needed
#4785
opened Mar 26, 2024 by
pratinavchandra
Create file_event_win_malware_darkgate_autoit3_save_temp.yml
Emerging-Threats
Rules
Work In Progress
Some changes are needed
#4784
opened Mar 26, 2024 by
tomaszdyduch
New Rule: proc_creation_macos_susp_launchctl_execution.yml
MacOS
Pull request add/update macos related rules
Rules
Work In Progress
Some changes are needed
#4782
opened Mar 23, 2024 by
pratinavchandra
Qemu c2 tunnel
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4778
opened Mar 21, 2024 by
faisalusuf
New Rule - proc_creation_macos_susp_download_nscurl.yml
Work In Progress
Some changes are needed
#4773
opened Mar 16, 2024 by
DefenderDaniel
New Rule for Suspicious Network Tunneling with QEMU
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4766
opened Mar 13, 2024 by
threatHNTR
New rules related with Raspberry Robin TTPs
Author Input Required
changes the require information from original author of the rules
Emerging-Threats
Rules
Work In Progress
Some changes are needed
#4763
opened Mar 11, 2024 by
swachchhanda000
Update Multiple Rules to cover the '-' flags along with '/' flags
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4739
opened Feb 26, 2024 by
qasimqlf
Sigma tactics organizer
Maintenance
Related to additions and update of the repository features
#4625
opened Dec 12, 2023 by
dan21san
New rules suggested for AD Container WRITE_DAC & WRITE_OWNER detection + DNS Server DLL injection
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4606
opened Nov 30, 2023 by
woundride
Create proc_creation_dev_tunnel_execution.yml
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4544
opened Nov 6, 2023 by
blueteam0ps
Add LDAP firewall application rules
Rules
Work In Progress
Some changes are needed
#4528
opened Oct 30, 2023 by
dekelpaz