Skip to content

Pull requests: SigmaHQ/sigma

New pull request New
66 Open 4,859 Closed
66 Open 4,859 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

fix: typos Linux Pull request add/update linux related rules Review Needed The PR requires review Rules
#5822 opened Jan 1, 2026 by EzLucky Loading…
Add Ligolo-ng tunneling tool detection Additional Data Needed Author Input Required changes the require information from original author of the rules Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5818 opened Dec 31, 2025 by SecMab Loading…
4 tasks done
5
Okta Session Impersonation Review Needed The PR requires review Rules
#5816 opened Dec 27, 2025 by zendannyy Loading…
2
update: disable autologger session Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5815 opened Dec 26, 2025 by swachchhanda000 Loading…
3
new: Disable credential guard Maintenance Related to additions and update of the repository features Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5814 opened Dec 26, 2025 by swachchhanda000 Loading… Sigma-January-Release
20
new: AMSI Disabled via Registry Modification Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5813 opened Dec 25, 2025 by swachchhanda000 Loading… Sigma-January-Release
8
chore: t1562.001 regression tests Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5812 opened Dec 23, 2025 by swachchhanda000 Draft
new: Vulnerable Driver Blocklist and HVCI Disable via Registry Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5811 opened Dec 22, 2025 by swachchhanda000 Loading… Sigma-January-Release
17
PUA - NSSM Execution Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5810 opened Dec 19, 2025 by swachchhanda000 Loading…
update: internal tools registry tampering Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5808 opened Dec 17, 2025 by swachchhanda000 Loading…
3
chore: add regression test for wmic related rules Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5807 opened Dec 15, 2025 by swachchhanda000 Loading…
9
Update bitsadmin rules with regresstion tests Rules Windows Pull request add/update windows related rules
#5802 opened Dec 10, 2025 by swachchhanda000 Loading… Sigma-January-Release
12
add: Linux Security Capability Set Via Setfattr Utility Linux Pull request add/update linux related rules Review Needed The PR requires review Rules
#5800 opened Dec 8, 2025 by EzLucky Loading…
ci: 🤖 Fix URL for sigma_schema_url Maintenance Related to additions and update of the repository features Review Needed The PR requires review
#5797 opened Dec 7, 2025 by frack113 Loading…
1
@phantinuss
1
cve-2025-49666 detection rule Additional Data Needed Author Input Required changes the require information from original author of the rules Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5796 opened Dec 6, 2025 by 17patmaks Loading…
6 tasks done
3
Add SSH brute force detection rule Linux Pull request add/update linux related rules Review Needed The PR requires review Rules
#5792 opened Dec 4, 2025 by LB89-code Draft
2
fix: FPs on docker images Linux Pull request add/update linux related rules Review Needed The PR requires review Rules
#5780 opened Nov 28, 2025 by marius-benthin Loading… Sigma-January-Release
@nasbench
17
feat: Shai-Hulud: The Second Coming Rules Emerging-Threats Linux Pull request add/update linux related rules Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5772 opened Nov 25, 2025 by swachchhanda000 Loading… Sigma-January-Release
3
add: Linux setcap setuid Linux Pull request add/update linux related rules Review Needed The PR requires review Rules
#5771 opened Nov 25, 2025 by EzLucky Loading… Sigma-January-Release
12
Add detection rule for Chaos/Darkside Ransomware style hidden Cmd launching suspicious targets Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules
#5767 opened Nov 20, 2025 by vl43den Loading… Sigma-January-Release
@swachchhanda000
2
Add Correlation Support Work In Progress Some changes are needed
#5759 opened Nov 17, 2025 by nasbench Draft
7 tasks
Sigma-January-Release
@nasbench
Add DPI-based network rule for responder footprints detection Additional Data Needed Author Input Required changes the require information from original author of the rules Review Needed The PR requires review Rules
#5751 opened Nov 11, 2025 by cogResearch Loading…
4
feat: phantom DLL hijacking rules Review Needed The PR requires review Rules Windows Pull request add/update windows related rules
#5749 opened Nov 10, 2025 by swachchhanda000 Loading… Sigma-January-Release
@swachchhanda000
6
3 New rules Additional Data Needed Author Input Required changes the require information from original author of the rules Rules Windows Pull request add/update windows related rules
#5747 opened Nov 8, 2025 by louiselalanne Loading…
4
new: bindfltapi.dll execution by suspicious process Rules Windows Pull request add/update windows related rules
#5744 opened Nov 6, 2025 by vl43den Loading…
ProTip! Follow long discussions with comments:>50.