Pull requests: SigmaHQ/sigma
new: ADExplorer writing complete AD snapshot into .dat file - update: Active Directory Database Snapshot Via ADExplorer
Rules
Windows
Pull request add/update windows related rules
#5518
opened Jul 9, 2025 by
ruppde
fix: Office 365 Apps Related False Positives
Rules
Windows
Pull request add/update windows related rules
#5517
opened Jul 9, 2025 by
swachchhanda000
[New Rule] - Detect NTFS symlink behavior modifications using fsutil command
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5504
opened Jun 30, 2025 by
tsale
feat: Reg shell open command
Rules
Windows
Pull request add/update windows related rules
#5487
opened Jun 17, 2025 by
swachchhanda000
Update: Suspicious Copy From or To System Directory
Rules
Windows
Pull request add/update windows related rules
#5482
opened Jun 16, 2025 by
swachchhanda000
update: SquiblyTwo Related Rules
Rules
Windows
Pull request add/update windows related rules
#5476
opened Jun 12, 2025 by
swachchhanda000
feat: Renamed Schtasks Execution
Rules
Windows
Pull request add/update windows related rules
#5475
opened Jun 12, 2025 by
swachchhanda000
Process Name Masquerading
Linux
Pull request add/update linux related rules
Rules
#5470
opened Jun 5, 2025 by
CheraghiMilad
Hacktool - Defendnot Execution
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
#5469
opened Jun 5, 2025 by
swachchhanda000
fix: make use of enriched auditd fields
Linux
Pull request add/update linux related rules
Rules
#5468
opened Jun 5, 2025 by
phantinuss
add proc_modules method
Linux
Pull request add/update linux related rules
Rules
#5460
opened Jun 3, 2025 by
CheraghiMilad
fix logic of detection section
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5458
opened Jun 3, 2025 by
CheraghiMilad
fix logic of detection section
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5457
opened Jun 2, 2025 by
CheraghiMilad
fix logic of detection
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5456
opened Jun 2, 2025 by
CheraghiMilad
The sysctl method has been added
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
#5455
opened Jun 2, 2025 by
CheraghiMilad
change suid_dumpable config
Author Input Required
changes the require information from original author of the rules
Emerging-Threats
Rules
Work In Progress
Some changes are needed
#5454
opened Jun 2, 2025 by
CheraghiMilad
add another technique
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
#5450
opened Jun 1, 2025 by
CheraghiMilad
Create proc_creation_win_tacticalrmm_install_via_cli.yml
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
#5442
opened May 29, 2025 by
egycondor
clear journalctl logs
Linux
Pull request add/update linux related rules
Rules
#5439
opened May 27, 2025 by
CheraghiMilad
feat: BadSuccessor dMSA Abuse for Privileges Escalation
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
#5433
opened May 24, 2025 by
swachchhanda000
chore: give back list of promoted rules
2nd Review Needed
PR need a second approval
Maintenance
Related to additions and update of the repository features
#5420
opened May 15, 2025 by
ariel-anieli
Add correlation rules from AT project
Correlation-Rules
Rules
Windows
Pull request add/update windows related rules
Indirect Command Execution via SFTP ProxyCommand
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
#5414
opened May 13, 2025 by
swachchhanda000
Add rule: Office Macro Phishing Initial Access detection
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5411
opened May 10, 2025 by
arjun-tarakesh
New Google Workspace rules
2nd Review Needed
PR need a second approval
Cloud
Pull request add/update cloud related rules
Rules
#5409
opened May 7, 2025 by
Luke57