-
-
Notifications
You must be signed in to change notification settings - Fork 2.2k
Pull requests: SigmaHQ/sigma
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
Add detection rule for MeshAgent command execution
Rules
Windows
Pull request add/update windows related rules
#5020
opened Sep 21, 2024 by
tsale
Loading…
remove the dual use tool nmap from "Linux HackTool Execution"
Linux
Pull request add/update linux related rules
Rules
#5013
opened Sep 19, 2024 by
ruppde
Loading…
Added the string corresponding to "{"alg":" since some token headers start with this
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5012
opened Sep 18, 2024 by
ionsor
Loading…
sigma rules around using MSI for privilege escalation
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5010
opened Sep 16, 2024 by
sec-hbaer
Loading…
Update proc_creation_win_hktl_certipy.yml
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5008
opened Sep 13, 2024 by
BlackB0lt
Loading…
Create proc_creation_win_code_devtunnel_tunneling.yaml
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5004
opened Sep 9, 2024 by
0xAnalyst
Loading…
Sigma FP fixes
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
Add Sigma rule for CVE-2024-38063 IPv6 memory corruption detection
Author Input Required
changes the require information from original author of the rules
Emerging-Threats
Rules
Work In Progress
Some changes are needed
Add Rule: proc_creation_win_renamed_ssh.yml
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
#4971
opened Aug 15, 2024 by
omaramin17
•
Draft
Winscp rule from Akira Ransomware report
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4939
opened Jul 30, 2024 by
frack113
Loading…
Add iis configuration rules
Maintenance
Related to additions and update of the repository features
Rules
Windows
Pull request add/update windows related rules
#4935
opened Jul 27, 2024 by
frack113
Loading…
New Rules
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4913
opened Jul 12, 2024 by
skaynum
Loading…
Regasm Without CommandLine
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4901
opened Jul 5, 2024 by
frack113
Loading…
Unconstrained delegation
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4886
opened Jun 23, 2024 by
frack113
Loading…
XXD Command Line Obfuscation on Linux & Compiler Execution Within Kubernetes Containers & Three Others
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#4884
opened Jun 21, 2024 by
signalblur
Loading…
Add deprecated csv script
Maintenance
Related to additions and update of the repository features
Rules
Work In Progress
Some changes are needed
#4858
opened May 17, 2024 by
frack113
Loading…
Sigma tactics organizer
Maintenance
Related to additions and update of the repository features
Work In Progress
Some changes are needed
#4625
opened Dec 12, 2023 by
dan21san
Loading…
New rules suggested for AD Container WRITE_DAC & WRITE_OWNER detection + DNS Server DLL injection
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#4606
opened Nov 30, 2023 by
woundride
Loading…
Add LDAP firewall application rules
Rules
Work In Progress
Some changes are needed
#4528
opened Oct 30, 2023 by
dekelpaz
Loading…
ProTip!
Filter pull requests by the default branch with base:master.