Skip to content

Pull requests: SigmaHQ/sigma

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Assignee
Filter by who’s assigned
Sort

Pull requests list

add new rule for password_group_discovery Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5103 opened Dec 1, 2024 by CheraghiMilad Loading…
Proc creation lnx local account Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5099 opened Nov 30, 2024 by CheraghiMilad Loading…
Add a new technique with a service Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules
#5098 opened Nov 30, 2024 by CheraghiMilad Loading…
Proc creation lnx exfiltration data via sftp protocol (winscp tool) Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5096 opened Nov 29, 2024 by CheraghiMilad Loading…
Quick Assist Detection in the environment Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5095 opened Nov 29, 2024 by faisalusuf Loading…
add rule for impair system power settings 2nd Review Needed PR need a second approval Linux Pull request add/update linux related rules Rules
#5090 opened Nov 24, 2024 by CheraghiMilad Loading…
Expand ESXi Detections with ESXCli & VIM-CMD Detections 2nd Review Needed PR need a second approval Linux Pull request add/update linux related rules Rules
#5087 opened Nov 23, 2024 by AlbinoGazelle Loading…
Update proc_creation_win_findstr_security_keyword_lookup.yml Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5085 opened Nov 20, 2024 by MalGamy12 Loading…
Detects the immediate execution of Python web servers (e.g., http.server) via the command line interface (CLI) Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5079 opened Nov 13, 2024 by mlakri Loading…
Create Suspicious_Access_Attempt_to_the_cert Windows_Share_Possible_C… Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5073 opened Nov 7, 2024 by NinnessOtu Loading…
RightToLeft Obfuscation - PowerShell Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5072 opened Nov 6, 2024 by FilipPwn Draft
This is a proposal for SUID Enumeration Using Find Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5071 opened Nov 4, 2024 by mlakri Draft
Create microsoft365_teams_guest_rmm_deployment.yml Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5066 opened Nov 1, 2024 by prashanthpulisetti Loading…
Converted Auditd rules Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules
#5059 opened Oct 22, 2024 by defensivedepth Loading…
Create proc_creation_win_reg_add_AutoAdminLogon_key.yml Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5053 opened Oct 16, 2024 by Mahir-Ali-khan Loading…
detect vacuuming of journald as clearing syslog Linux Pull request add/update linux related rules Rules
#5050 opened Oct 14, 2024 by wieso-itzi Loading…
Update proc_creation_win_run_from_zip.yml Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5047 opened Oct 13, 2024 by CheraghiMilad Loading…
Update win_security_register_new_logon_process_by_rubeus.yml Rules Windows Pull request add/update windows related rules
#5041 opened Oct 9, 2024 by Koifman Loading…
Exfiltration Over Alternative Protocol - Linux Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5035 opened Oct 6, 2024 by CheraghiMilad Loading…
Update Suspicious Double Extension File Execution Rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5030 opened Oct 1, 2024 by MalGamy12 Loading…
new_rules 2nd Review Needed PR need a second approval Rules
#5023 opened Sep 23, 2024 by saakovv Loading…
aws_new_rules Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5021 opened Sep 21, 2024 by saakovv Loading…
github-new-rules Rules Work In Progress Some changes are needed
#5018 opened Sep 20, 2024 by saakovv Loading…
Modify or Delete AWS RDS Cluster Rules
#5017 opened Sep 20, 2024 by saakovv Loading…
CreateFunctionUrlConfig Rules
#5016 opened Sep 20, 2024 by saakovv Loading…
ProTip! Follow long discussions with comments:>50.