Skip to content

Pull requests: SigmaHQ/sigma

New pull request New
19 Open 4,133 Closed
19 Open 4,133 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Fix FP Forest-Blizzard/proc_creation_win_apt_forest_blizzard_activity
Emerging-Threats Rules
#4851 opened May 11, 2024 by frack113 Loading…
Cleanup condition writing
Rules Windows Pull request add/update windows related rules
#4850 opened May 11, 2024 by frack113 Loading…
Create proc_creation_win_veeam_cve_2024_29212.yml
Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4848 opened May 10, 2024 by prashanthpulisetti Loading…
Suspicious Browser Launch
Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4840 opened Apr 30, 2024 by skaynum Loading…
@nasbench
Kapeka backdoor sigma rules
Emerging-Threats Rules Work In Progress Some changes are needed
#4831 opened Apr 22, 2024 by swachchhanda000 Loading…
@nasbench
LOLBAS wbadmin rule
Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4830 opened Apr 20, 2024 by frack113 Loading…
@nasbench
Suspicious keyscrambler child process
Rules Windows Pull request add/update windows related rules
#4818 opened Apr 15, 2024 by swachchhanda000 Loading…
New Rule: proc_creation_macos_sysctl_discovery.yml
MacOS Pull request add/update macos related rules Rules Work In Progress Some changes are needed
#4785 opened Mar 26, 2024 by pratinavchandra Loading…
@nasbench
2
Create file_event_win_malware_darkgate_autoit3_save_temp.yml
Emerging-Threats Rules Work In Progress Some changes are needed
#4784 opened Mar 26, 2024 by tomaszdyduch Loading…
@nasbench
1
New Rule: proc_creation_macos_susp_launchctl_execution.yml
MacOS Pull request add/update macos related rules Rules Work In Progress Some changes are needed
#4782 opened Mar 23, 2024 by pratinavchandra Loading…
@nasbench
1
Qemu c2 tunnel
Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4778 opened Mar 21, 2024 by faisalusuf Loading…
@nasbench
New Rule - proc_creation_macos_susp_download_nscurl.yml
Work In Progress Some changes are needed
#4773 opened Mar 16, 2024 by DefenderDaniel Loading…
@nasbench
1
New Rule for Suspicious Network Tunneling with QEMU
Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4766 opened Mar 13, 2024 by threatHNTR Loading…
@nasbench
1
New rules related with Raspberry Robin TTPs
Author Input Required changes the require information from original author of the rules Emerging-Threats Rules Work In Progress Some changes are needed
#4763 opened Mar 11, 2024 by swachchhanda000 Loading…
@nasbench
9
Update Multiple Rules to cover the '-' flags along with '/' flags
Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4739 opened Feb 26, 2024 by qasimqlf Loading…
@nasbench
1
Sigma tactics organizer
Maintenance Related to additions and update of the repository features
#4625 opened Dec 12, 2023 by dan21san Loading…
2
New rules suggested for AD Container WRITE_DAC & WRITE_OWNER detection + DNS Server DLL injection
Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4606 opened Nov 30, 2023 by woundride Loading…
@nasbench
2
Create proc_creation_dev_tunnel_execution.yml
Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#4544 opened Nov 6, 2023 by blueteam0ps Loading…
@nasbench
Add LDAP firewall application rules Rules Work In Progress Some changes are needed
#4528 opened Oct 30, 2023 by dekelpaz Loading…
@nasbench
6
ProTip! Adding no:label will show everything without a label.