Skip to content

Pull requests: SigmaHQ/sigma

New pull request New
92 Open 4,533 Closed
92 Open 4,533 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Kerberos Coercion Via DNS SPN Spoofing Rules Windows Pull request add/update windows related rules
#5492 opened Jun 20, 2025 by swachchhanda000 Loading…
1
Add Reflective DLL Load via PowerShell (T1055.001) Rules Windows Pull request add/update windows related rules
#5491 opened Jun 20, 2025 by vVv-Keys Loading…
4
Add Linux detection rule for curl/wget downloads executed from /tmp Linux Pull request add/update linux related rules Rules
#5489 opened Jun 17, 2025 by hashdr1ft Loading…
7
Trusted path bypass Rules Windows Pull request add/update windows related rules
#5488 opened Jun 17, 2025 by swachchhanda000 Loading…
feat: Reg shell open command Rules Windows Pull request add/update windows related rules
#5487 opened Jun 17, 2025 by swachchhanda000 Loading…
fix: reduce FP matching with regex pattern Linux Pull request add/update linux related rules Rules
#5486 opened Jun 16, 2025 by phantinuss Loading…
1
Update: Suspicious Copy From or To System Directory Rules Windows Pull request add/update windows related rules
#5482 opened Jun 16, 2025 by swachchhanda000 Loading…
2
add rule to detect vshadow.exe with -exec parameter Rules Windows Pull request add/update windows related rules
#5478 opened Jun 12, 2025 by kivi280 Loading…
8
update: SquiblyTwo Related Rules Rules Windows Pull request add/update windows related rules
#5476 opened Jun 12, 2025 by swachchhanda000 Loading…
4
feat: Renamed Schtasks Execution Rules Windows Pull request add/update windows related rules
#5475 opened Jun 12, 2025 by swachchhanda000 Loading…
7
Process Name Masquerading Linux Pull request add/update linux related rules Rules
#5470 opened Jun 5, 2025 by CheraghiMilad Loading…
Hacktool - Defendnot Execution 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5469 opened Jun 5, 2025 by swachchhanda000 Loading…
8
fix: make use of enriched auditd fields Linux Pull request add/update linux related rules Rules
#5468 opened Jun 5, 2025 by phantinuss Loading…
PowerShell MSI Install via WindowsInstaller COM From Remote Location 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5466 opened Jun 5, 2025 by vx3r Loading…
11
add proc_modules method Linux Pull request add/update linux related rules Rules
#5460 opened Jun 3, 2025 by CheraghiMilad Loading…
1
fix logic of detection section Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5458 opened Jun 3, 2025 by CheraghiMilad Loading…
1
fix logic of detection section Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5457 opened Jun 2, 2025 by CheraghiMilad Loading…
1
fix logic of detection Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules Work In Progress Some changes are needed
#5456 opened Jun 2, 2025 by CheraghiMilad Loading…
1
The sysctl method has been added Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules
#5455 opened Jun 2, 2025 by CheraghiMilad Loading…
4
change suid_dumpable config Author Input Required changes the require information from original author of the rules Emerging-Threats Rules Work In Progress Some changes are needed
#5454 opened Jun 2, 2025 by CheraghiMilad Loading…
14
add another technique Author Input Required changes the require information from original author of the rules Linux Pull request add/update linux related rules Rules
#5450 opened Jun 1, 2025 by CheraghiMilad Loading…
3
Create proc_creation_win_tacticalrmm_install_via_cli.yml 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5442 opened May 29, 2025 by egycondor Loading…
7
clear journalctl logs Linux Pull request add/update linux related rules Rules
#5439 opened May 27, 2025 by CheraghiMilad Loading…
8
feat: BadSuccessor dMSA Abuse for Privileges Escalation 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5433 opened May 24, 2025 by swachchhanda000 Loading…
6
New rules: MeshAgent arguments MacOS Pull request add/update macos related rules Rules Windows Pull request add/update windows related rules
#5426 opened May 19, 2025 by norbert791 Loading…
31
ProTip! Find all pull requests that aren't related to any open issues with -linked:issue.