-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
Issues: SigmaHQ/sigma
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Add rule to detect activation of a Wi-Fi hotspot on Ubuntu systems via NetworkManager, based on syslog.
Linux
Pull request add/update linux related rules
Rules
#5255
opened Apr 7, 2025 by
rahulisationn
Loading…
Lnx auditd user discovery
Linux
Pull request add/update linux related rules
Rules
#5129
opened Dec 13, 2024 by
CheraghiMilad
Loading…
Proc creation lnx webshell detection
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5128
opened Dec 13, 2024 by
CheraghiMilad
•
Draft
Some paths added
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5120
opened Dec 10, 2024 by
CheraghiMilad
•
Draft
Some Images and one technique Added
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
#5118
opened Dec 10, 2024 by
CheraghiMilad
Loading…
Add rule for insert or remove rootkit
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5114
opened Dec 8, 2024 by
CheraghiMilad
Loading…
Add rule for device driver discovery
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5113
opened Dec 8, 2024 by
CheraghiMilad
Loading…
Add rule for detect browser information discovery
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
#5112
opened Dec 8, 2024 by
CheraghiMilad
Loading…
Proc creation lnx exfiltration data via sftp protocol (winscp tool)
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5096
opened Nov 29, 2024 by
CheraghiMilad
Loading…
add rule for impair system power settings
2nd Review Needed
PR need a second approval
Linux
Pull request add/update linux related rules
Rules
#5090
opened Nov 24, 2024 by
CheraghiMilad
Loading…
Detects the immediate execution of Python web servers (e.g., http.server) via the command line interface (CLI)
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
#5079
opened Nov 13, 2024 by
mlakri
Loading…
This is a proposal for SUID Enumeration Using Find
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
Work In Progress
Some changes are needed
Converted Auditd rules
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Rules
#5059
opened Oct 22, 2024 by
defensivedepth
Loading…
detect vacuuming of journald as clearing syslog
2nd Review Needed
PR need a second approval
Linux
Pull request add/update linux related rules
Rules
#5050
opened Oct 14, 2024 by
wieso-itzi
Loading…
ProTip!
Adding no:label will show everything without a label.