Pull requests: SigmaHQ/sigma

Pull requests list

Adding two new techniques to the rule - findmnt - mlocate Linux Pull request add/update linux related rules Rules
#5091 opened Nov 24, 2024 by CheraghiMilad
add rule for impair system power settings Linux Pull request add/update linux related rules Rules
#5090 opened Nov 24, 2024 by CheraghiMilad
Expand ESXi Detections with ESXCli & VIM-CMD Detections Linux Pull request add/update linux related rules Rules
#5087 opened Nov 23, 2024 by AlbinoGazelle
Update proc_creation_win_findstr_security_keyword_lookup.yml Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5085 opened Nov 20, 2024 by MalGamy12
Update registry_set_persistence_com_hijacking_builtin.yml Rules Windows Pull request add/update windows related rules
#5084 opened Nov 19, 2024 by MalGamy12
Added ordinal of ShellExec_RunDLL Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5082 opened Nov 16, 2024 by swachchhanda000
Detects the immediate execution of Python web servers (e.g., http.server) via the command line interface (CLI) Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5079 opened Nov 13, 2024 by mlakri
Create Suspicious_Access_Attempt_to_the_cert Windows_Share_Possible_C… Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5073 opened Nov 7, 2024 by NinnessOtu
RightToLeft Obfuscation - PowerShell Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5072 opened Nov 6, 2024 by FilipPwn Draft
This is a proposal for SUID Enumeration Using Find Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5071 opened Nov 4, 2024 by mlakri Draft
Create microsoft365_teams_guest_rmm_deployment.yml Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5066 opened Nov 1, 2024 by prashanthpulisetti
Converted Auditd rules Linux Pull request add/update linux related rules Rules
#5059 opened Oct 22, 2024 by defensivedepth
Create proc_creation_win_reg_add_AutoAdminLogon_key.yml Rules Windows Pull request add/update windows related rules
#5053 opened Oct 16, 2024 by Mahir-Ali-khan
detect vacuuming of journald as clearing syslog Linux Pull request add/update linux related rules Rules
#5050 opened Oct 14, 2024 by wieso-itzi
Update proc_creation_win_run_from_zip.yml Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5047 opened Oct 13, 2024 by CheraghiMilad
Add Suspicius Setup16 Parent Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5046 opened Oct 13, 2024 by frack113
Update win_security_register_new_logon_process_by_rubeus.yml Rules Windows Pull request add/update windows related rules
#5041 opened Oct 9, 2024 by Koifman
Exfiltration Over Alternative Protocol - Linux Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5035 opened Oct 6, 2024 by CheraghiMilad
Update Suspicious Double Extension File Execution Rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5030 opened Oct 1, 2024 by MalGamy12
new_rules Rules
#5023 opened Sep 23, 2024 by saakovv
aws_new_rules Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5021 opened Sep 21, 2024 by saakovv
github-new-rules Rules Work In Progress Some changes are needed
#5018 opened Sep 20, 2024 by saakovv
Modify or Delete AWS RDS Cluster Rules
#5017 opened Sep 20, 2024 by saakovv
CreateFunctionUrlConfig Rules
#5016 opened Sep 20, 2024 by saakovv
DeleteSAMLProvider AWS Rules
#5015 opened Sep 20, 2024 by saakovv