Pull requests: SigmaHQ/sigma
Pull requests list
Feat/ps script add cim alias
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5594
opened Aug 13, 2025 by
vl43den
Registry Modifications through VBScripts
Rules
Windows
Pull request add/update windows related rules
#5591
opened Aug 13, 2025 by
swachchhanda000
Create funklocker Ransomware extenstions
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
#5587
opened Aug 8, 2025 by
0xPrashanthSec
fix: potentially suspicious execution from tmp folder
Linux
Pull request add/update linux related rules
Rules
#5586
opened Aug 8, 2025 by
swachchhanda000
Create proxy_hello_world_user_agent.yml
2nd Review Needed
PR need a second approval
Rules
#5577
opened Aug 2, 2025 by
josamontiel
Add rule for CVE-2025-54309 CrushFTP
Emerging-Threats
Rules
#5576
opened Aug 1, 2025 by
nisargsuthar
update: suspicious file activity related to file sharing websites
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
#5574
opened Aug 1, 2025 by
swachchhanda000
[New Rule] - Registry Manipulation via WMI Stdregprov
Ready to Merge
Rules
Windows
Pull request add/update windows related rules
#5567
opened Jul 30, 2025 by
Koifman
Create Suspicious UI Automation Named Pipe Creation
Author Input Required
changes the require information from original author of the rules
Rules
Windows
Pull request add/update windows related rules
#5560
opened Jul 29, 2025 by
0xPrashanthSec
Create UI Automation Core DLL Loading Detection
Duplicate
Rules
Windows
Pull request add/update windows related rules
#5555
opened Jul 29, 2025 by
0xPrashanthSec
Add Sigma rule for detecting API Hooking via auditd syscalls in Linux (T1056.004)
Linux
Pull request add/update linux related rules
Rules
#5551
opened Jul 28, 2025 by
AAtashGar
[New Rule] - Unusual svchost Command Line Parameter
Rules
Windows
Pull request add/update windows related rules
#5550
opened Jul 28, 2025 by
Liran017
update: windowsInstaller com object related rules
Rules
Windows
Pull request add/update windows related rules
#5548
opened Jul 28, 2025 by
swachchhanda000
Add Sigma rule for detecting suspicious Zeek LDAP queries
Rules
#5547
opened Jul 28, 2025 by
AAtashGar
Fix: Use correct dash type in Azure cert/cred update rule
Rules
#5542
opened Jul 23, 2025 by
peterydzynski
New Sigma Rule : AWS GuardDuty Detector Deleted Or Updated Added
Rules
#5536
opened Jul 20, 2025 by
suKTech24
fix: GitHub issues
2nd Review Needed
PR need a second approval
Emerging-Threats
Linux
Pull request add/update linux related rules
Rules
Windows
Pull request add/update windows related rules
Fix more rules
2nd Review Needed
PR need a second approval
Maintenance
Related to additions and update of the repository features
Rules
Windows
Pull request add/update windows related rules
#5532
opened Jul 18, 2025 by
swachchhanda000
Fix: FileFix - Suspicious Child Process from Browser File Upload Abuse
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5527
opened Jul 16, 2025 by
seanthegeek
feat: WinRAR Creating Files in Startup Locations - CVE-2025-6218 and CVE-2025-8088.
Rules
Windows
Pull request add/update windows related rules
#5525
opened Jul 16, 2025 by
swachchhanda000
Suspicious Use of for Loop with Directory Search in CMD
Rules
Windows
Pull request add/update windows related rules
#5519
opened Jul 10, 2025 by
jstnk9
fix: Office 365 Apps Related False Positives
2nd Review Needed
PR need a second approval
Rules
Windows
Pull request add/update windows related rules
#5517
opened Jul 9, 2025 by
swachchhanda000
[New Rule] - Detect NTFS symlink behavior modifications using fsutil command
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5504
opened Jun 30, 2025 by
tsale