Pull requests: SigmaHQ/sigma

Pull requests list

Add CVE-2025-24985 detection rule
#5383 opened Apr 23, 2025 by douglasrose75
Adds Detection Studio to README.md page Maintenance Related to additions and update of the repository features
#5382 opened Apr 23, 2025 by sifex
Adding mitre tags to 9 rules Rules Windows Pull request add/update windows related rules
#5381 opened Apr 23, 2025 by david-syk
Adding missing mitre attack tags for 8 rules. Ready to Merge Rules Windows Pull request add/update windows related rules
#5380 opened Apr 22, 2025 by david-syk
feat: JavaScript Execution Via NodeJS Rules Windows Pull request add/update windows related rules
#5379 opened Apr 22, 2025 by swachchhanda000
fix: FP related to Potentially Suspicious WDAC Policy File Creation Rules Windows Pull request add/update windows related rules
#5378 opened Apr 21, 2025 by X-Junior
Clear windows security event logs Duplicate Rules Windows Pull request add/update windows related rules
#5377 opened Apr 20, 2025 by woundride
Suspicious ntlm logon failure Rules Windows Pull request add/update windows related rules
#5376 opened Apr 20, 2025 by woundride
Suspicious NTLM Logon Success Rules Windows Pull request add/update windows related rules
#5375 opened Apr 20, 2025 by woundride
Sigma rules to detect CVE 2025 29824 and susp BLF File Creation Author Input Required changes the require information from original author of the rules Emerging-Threats Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5260 opened Apr 10, 2025 by swachchhanda000
feat: Security Event Logging Disabled Via MiniNt Registry Key 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5257 opened Apr 9, 2025 by swachchhanda000
Add rule to detect makecab staging of LOLBins Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5254 opened Apr 4, 2025 by alexegorov1
New Rule : PowerShell Console History File Access - proc_creation Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5253 opened Apr 4, 2025 by EzLucky
Modify proc_creation_win_ping_hex_ip.yml to look for hexidemical strings using regex Rules Windows Pull request add/update windows related rules
#5251 opened Apr 2, 2025 by vasquja
Added more generic potential HKCU CLSID COM hijacking rule Rules Windows Pull request add/update windows related rules
#5248 opened Mar 29, 2025 by grimlockx
Added more extensions that could be suspicious for Startup Folder Rules Windows Pull request add/update windows related rules
#5246 opened Mar 27, 2025 by swachchhanda000
Rules for Rustdesk Rules Windows Pull request add/update windows related rules
#5245 opened Mar 27, 2025 by frack113
Potential ClickFix Execution Pattern - Registry Rules Windows Pull request add/update windows related rules
#5244 opened Mar 25, 2025 by swachchhanda000
Discovery via registry queries detection Rules Windows Pull request add/update windows related rules
#5243 opened Mar 24, 2025 by xlazarg
Create win_system_possible_ipv6_dns_takeover.yml 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5242 opened Mar 22, 2025 by NinnessOtu
Lazagne rule update Rules Windows Pull request add/update windows related rules
#5225 opened Mar 6, 2025 by swachchhanda000 Sigma-March-April-Release