Skip to content

Pull requests: SigmaHQ/sigma

New pull request New
71 Open 4,794 Closed
71 Open 4,794 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Clone #5504 Ready to Merge Rules Windows Pull request add/update windows related rules
#5757 opened Nov 12, 2025 by nasbench Loading… Sigma-December-Release
5
Add DPI-based network rule for responder footprints detection Additional Data Needed Author Input Required changes the require information from original author of the rules Review Needed The PR requires review Rules
#5751 opened Nov 11, 2025 by cogResearch Loading…
2
feat: phantom DLL hijacking rules 2nd Review Needed PR need a second approval Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules
#5749 opened Nov 10, 2025 by swachchhanda000 Loading… Sigma-December-Release
@swachchhanda000
6
3 New rules Additional Data Needed Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules
#5747 opened Nov 8, 2025 by louiselalanne Loading…
4
Update dns_query_win_vscode_tunnel_communication.yml Ready to Merge Rules Windows Pull request add/update windows related rules
#5746 opened Nov 7, 2025 by deftoner Loading… Sigma-December-Release
1
new: bindfltapi.dll execution by suspicious process Rules Windows Pull request add/update windows related rules
#5744 opened Nov 6, 2025 by vl43den Loading…
Feat: susp msix/appX package installation detection Maintenance Related to additions and update of the repository features Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5741 opened Nov 3, 2025 by swachchhanda000 Loading…
@nasbench
2
API_Hooking_detection Linux Pull request add/update linux related rules Rules
#5739 opened Nov 2, 2025 by AAtashGar Loading…
1
RDP Enable or Disable via Win32_TerminalServiceSetting WMI Class 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5725 opened Oct 27, 2025 by Koifman Loading… Sigma-December-Release
@nasbench
2
Update: DNS Query to External Service Interaction Domains - additional domains and filter Review Needed The PR requires review Rules
#5724 opened Oct 26, 2025 by darses Loading… Sigma-December-Release
@nasbench
2
Create win_trusted_for_delegation_rights.yml Rules Windows Pull request add/update windows related rules
#5723 opened Oct 24, 2025 by ShujiTsushima Loading…
Create enumeration_with_bloodhound_on_dc.yml Rules Windows Pull request add/update windows related rules
#5721 opened Oct 23, 2025 by ShujiTsushima Loading…
3
Add Regression Tests and Simulation Links - First Batch Maintenance Related to additions and update of the repository features Rules Windows Pull request add/update windows related rules
#5719 opened Oct 22, 2025 by nasbench Draft Sigma-December-Release
3
New rules related to recent reported ransom group activity (The Gentlemen) 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5717 opened Oct 22, 2025 by tropChaud Loading…
7
Add detection rules for abuse of OpenEDR's response features Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules
#5716 opened Oct 22, 2025 by tsale Loading…
9
Add New Detection Rules for Grixba Malware Reconnaissance Activities Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5707 opened Oct 19, 2025 by YxinMiracle Loading… Sigma-December-Release
3
macOS process create detections related to Bluenoroff macOS intrusion MacOS Pull request add/update macos related rules Rules
#5700 opened Oct 17, 2025 by stuartjash Loading…
1
add detection rule for suspicious use of BrowserCore.exe in PRT extra… Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules Work In Progress Some changes are needed
#5676 opened Oct 3, 2025 by e0909 Loading…
10
Hunting rules for Hex Staging Attack and HTML Phishing Attachment 2nd Review Needed PR need a second approval Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules
#5674 opened Oct 2, 2025 by skaynum Loading…
27
Adding persistence and curl data exfil for AMOS and renaming of folder to Atomic MacOS Stealer Additional Data Needed Author Input Required changes the require information from original author of the rules Emerging-Threats Rules Work In Progress Some changes are needed
#5669 opened Oct 2, 2025 by JasonPhang98 Loading…
11
Wsl rules Additional Data Needed Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules
#5668 opened Oct 1, 2025 by Liran017 Loading…
12
feat: add detection for CVE-2025-20333 and CVE-2025-20362 Emerging-Threats Rules
#5662 opened Sep 27, 2025 by swachchhanda000 Loading…
5
feat: PPL protected LSASS dump via wsass.exe 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5652 opened Sep 16, 2025 by swachchhanda000 Loading…
@nasbench
17
feat: goldendMSA attack 2nd Review Needed PR need a second approval Rules Windows Pull request add/update windows related rules
#5646 opened Sep 11, 2025 by swachchhanda000 Loading…
7
feat: susp service priv esc and phantom hijack rules Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5643 opened Sep 8, 2025 by swachchhanda000 Loading…
8
ProTip! Mix and match filters to narrow down what you’re looking for.