Pull requests: SigmaHQ/sigma
ntlm logon with impacket
Rules
Windows
Pull request add/update windows related rules
#5373
opened Apr 19, 2025 by
woundride
Sigma rules to detect CVE 2025 29824 and susp BLF File Creation
Author Input Required
changes the require information from original author of the rules
Emerging-Threats
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5260
opened Apr 10, 2025 by
swachchhanda000
Introduce versions of rules for K8s audit log format
Rules
#5259
opened Apr 9, 2025 by
kelnage
feat: Security Event Logging Disabled Via MiniNt Registry Key
Rules
Windows
Pull request add/update windows related rules
#5257
opened Apr 9, 2025 by
swachchhanda000
Add rule to detect activation of a Wi-Fi hotspot on Ubuntu systems via NetworkManager, based on syslog.
Linux
Pull request add/update linux related rules
Rules
#5255
opened Apr 7, 2025 by
rahulisationn
Add rule to detect makecab staging of LOLBins
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5254
opened Apr 4, 2025 by
alexegorov1
New Rules : PowerShell Console History File Access - file_access + proc_creation
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5253
opened Apr 4, 2025 by
EzLucky
Modify proc_creation_win_ping_hex_ip.yml to look for hexadecimal strings using regex
Rules
Windows
Pull request add/update windows related rules
#5251
opened Apr 2, 2025 by
vasquja
Added more generic potential HKCU CLSID COM hijacking rule
Rules
Windows
Pull request add/update windows related rules
#5248
opened Mar 29, 2025 by
grimlockx
Added more extensions that could be suspicious for Startup Folder
Rules
Windows
Pull request add/update windows related rules
#5246
opened Mar 27, 2025 by
swachchhanda000
Rules for Rustdesk
Rules
Windows
Pull request add/update windows related rules
#5245
opened Mar 27, 2025 by
frack113
Potential ClickFix Execution Pattern - Registry
Rules
Windows
Pull request add/update windows related rules
#5244
opened Mar 25, 2025 by
swachchhanda000
Discovery via registry queries detection
Rules
Windows
Pull request add/update windows related rules
#5243
opened Mar 24, 2025 by
xlazarg
Create win_system_possible_ipv6_dns_takeover.yml
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
#5242
opened Mar 22, 2025 by
NinnessOtu
Create azure_ad_cross_tenant_b2b_collab_signin.yml
Rules
#5233
opened Mar 15, 2025 by
whichbuffer
Create azure_ad_cross_tenant_user_provisioning.yml
Rules
#5232
opened Mar 15, 2025 by
whichbuffer
fixed fps in some rules specifically remote thread creation related
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
microsoft_sql_dangerous_operations
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
Analytic for Signal Desktop sensitive data access
Rules
Windows
Pull request add/update windows related rules
#5220
opened Mar 3, 2025 by
netgrain
Replace CommandLine with real command line arguments
Rules
Windows
Pull request add/update windows related rules
Adding rule for detecting recaptcha phish process executions
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
Automatically update heatmap json when new rule is pushed to master.
Author Input Required
changes the require information from original author of the rules
Maintenance
Related to additions and update of the repository features
Work In Progress
Some changes are needed
#5213
opened Feb 26, 2025 by
JrOrOneEquals1
Updated to exclude false positives from common CLI searches like "fin…
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
#5209
opened Feb 24, 2025 by
kagebunsher
Fixed fps and added coverage for ARM based windows dotnet paths
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed