Pull requests: SigmaHQ/sigma
add new rule for password_group_discovery
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5103
opened Dec 1, 2024 by
CheraghiMilad
Proc creation lnx local account
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5099
opened Nov 30, 2024 by
CheraghiMilad
Add a new technique with a service
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
#5098
opened Nov 30, 2024 by
CheraghiMilad
Proc creation lnx exfiltration data via sftp protocol (winscp tool)
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5096
opened Nov 29, 2024 by
CheraghiMilad
Quick Assist Detection in the environment
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5095
opened Nov 29, 2024 by
faisalusuf
add rule for impair system power settings
2nd Review Needed
PR need a second approval
Linux
Pull request add/update linux related rules
Rules
#5090
opened Nov 24, 2024 by
CheraghiMilad
Expand ESXi Detections with ESXCli & VIM-CMD Detections
2nd Review Needed
PR need a second approval
Linux
Pull request add/update linux related rules
Rules
#5087
opened Nov 23, 2024 by
AlbinoGazelle
Update proc_creation_win_findstr_security_keyword_lookup.yml
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5085
opened Nov 20, 2024 by
MalGamy12
Detects the immediate execution of Python web servers (e.g., http.server) via the command line interface (CLI)
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5079
opened Nov 13, 2024 by
mlakri
Create Suspicious_Access_Attempt_to_the_cert Windows_Share_Possible_C…
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5073
opened Nov 7, 2024 by
NinnessOtu
RightToLeft Obfuscation - PowerShell
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
This is a proposal for SUID Enumeration Using Find
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
Create microsoft365_teams_guest_rmm_deployment.yml
Author Input Required
changes the require information from original author of the rules
Rules
Work In Progress
Some changes are needed
#5066
opened Nov 1, 2024 by
prashanthpulisetti
Converted Auditd rules
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
#5059
opened Oct 22, 2024 by
defensivedepth
Create proc_creation_win_reg_add_AutoAdminLogon_key.yml
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5053
opened Oct 16, 2024 by
Mahir-Ali-khan
detect vacuuming of journald as clearing syslog
Linux
Pull request add/update linux related rules
Rules
#5050
opened Oct 14, 2024 by
wieso-itzi
Update proc_creation_win_run_from_zip.yml
Author Input Required
changes the require information from original author of the rules
Rules
Work In Progress
Some changes are needed
#5047
opened Oct 13, 2024 by
CheraghiMilad
Update win_security_register_new_logon_process_by_rubeus.yml
Rules
Windows
Pull request add/update windows related rules
#5041
opened Oct 9, 2024 by
Koifman
Exfiltration Over Alternative Protocol - Linux
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5035
opened Oct 6, 2024 by
CheraghiMilad
Update Suspicious Double Extension File Execution Rules
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5030
opened Oct 1, 2024 by
MalGamy12
new_rules
2nd Review Needed
PR need a second approval
Rules
#5023
opened Sep 23, 2024 by
saakovv
aws_new_rules
Author Input Required
changes the require information from original author of the rules
Rules
Work In Progress
Some changes are needed
#5021
opened Sep 21, 2024 by
saakovv
github-new-rules
Rules
Work In Progress
Some changes are needed
#5018
opened Sep 20, 2024 by
saakovv