Skip to content

Pull requests: SigmaHQ/sigma

New pull request New
40 Open 4,313 Closed
40 Open 4,313 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Added ordinal of ShellExec_RunDLL Rules Windows Pull request add/update windows related rules
#5082 opened Nov 16, 2024 by swachchhanda000 Loading…
2
Detect RTLO extension spoofing, MITRE T1036.002 in File-Events Rules Windows Pull request add/update windows related rules
#5081 opened Nov 15, 2024 by cod3nym Loading…
4
Archive New Rule References
#5080 opened Nov 15, 2024 by github-actions bot Loading…
Detects the immediate execution of Python web servers (e.g., http.server) via the command line interface (CLI) Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5079 opened Nov 13, 2024 by mlakri Loading…
Create net_connection_win_susp_azurefd_connection.yml 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5077 opened Nov 11, 2024 by IsaacDunham Loading…
@nasbench
3
Update proc_creation_win_expand_cabinet_files.yml 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5075 opened Nov 10, 2024 by MalGamy12 Loading…
2
Create Suspicious_Access_Attempt_to_the_cert Windows_Share_Possible_C… Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5073 opened Nov 7, 2024 by NinnessOtu Loading…
3
RightToLeft Obfuscation - PowerShell Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5072 opened Nov 6, 2024 by FilipPwn Draft
2
This is a proposal for SUID Enumeration Using Find Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5071 opened Nov 4, 2024 by mlakri Draft
3
Add more imgaes to the rule (proc_creation_lnx_omigod_scx_runasprovider_executeshellcommand) Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5069 opened Nov 2, 2024 by CheraghiMilad Draft
1
Create microsoft365_teams_guest_rmm_deployment.yml Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5066 opened Nov 1, 2024 by prashanthpulisetti Loading…
12
Add new rule Email Forwarding Rule - Exchange Rules
#5061 opened Oct 23, 2024 by dan21san Loading…
1
Converted Auditd rules Linux Pull request add/update linux related rules Rules
#5059 opened Oct 22, 2024 by defensivedepth Loading…
Update App Role Added based on Microsoft description Additional Data Needed Rules Work In Progress Some changes are needed
#5054 opened Oct 18, 2024 by gregorywychowaniec-zt Loading…
6
Create proc_creation_win_reg_add_AutoAdminLogon_key.yml Rules Windows Pull request add/update windows related rules
#5053 opened Oct 16, 2024 by Mahir-Ali-khan Loading…
detect vacuuming of journald as clearing syslog Linux Pull request add/update linux related rules Rules
#5050 opened Oct 14, 2024 by wieso-itzi Loading…
Update proc_creation_win_run_from_zip.yml Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5047 opened Oct 13, 2024 by CheraghiMilad Loading…
@nasbench
1
Add Suspicius Setup16 Parent Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5046 opened Oct 13, 2024 by frack113 Loading…
@nasbench
Update win_security_register_new_logon_process_by_rubeus.yml Rules Windows Pull request add/update windows related rules
#5041 opened Oct 9, 2024 by Koifman Loading…
1
Exfiltration Over Alternative Protocol - Linux Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5035 opened Oct 6, 2024 by CheraghiMilad Loading…
@nasbench
6
Update Suspicious Double Extension File Execution Rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5030 opened Oct 1, 2024 by MalGamy12 Loading…
@nasbench
2
new_rules Rules
#5023 opened Sep 23, 2024 by saakovv Loading…
aws_new_rules Author Input Required changes the require information from original author of the rules Rules Work In Progress Some changes are needed
#5021 opened Sep 21, 2024 by saakovv Loading…
7
github-new-rules Rules Work In Progress Some changes are needed
#5018 opened Sep 20, 2024 by saakovv Loading…
@nasbench
5
Modify or Delete AWS RDS Cluster Rules
#5017 opened Sep 20, 2024 by saakovv Loading…
ProTip! Find all pull requests that aren't related to any open issues with -linked:issue.