Pull requests: SigmaHQ/sigma
Pull requests list
Add PowerShell AppLocker policy discovery rule
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
#5887
opened Feb 28, 2026 by
Tom3306
Add Socat Reverse Shell Detection Rule for Linux Process Creation
Linux
Pull request add/update linux related rules
Review Needed
The PR requires review
Rules
#5886
opened Feb 27, 2026 by
nedelcubianca
new: Suspicious Process DNS Query To Known Abused Web Services - clos…
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
#5884
opened Feb 25, 2026 by
heyyanu
fix: remove trailing spaces in selection_hidden and selection_noninteractive
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
#5883
opened Feb 24, 2026 by
heyyanu
Added new rule to detect suspicious file dump using print.exe
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
feat(windows): detect multiple unknown-user failed logons from single source IP
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
#5880
opened Feb 22, 2026 by
Tom3306
6 tasks
Add detection rule for PDFClick malware PDC_Update scheduled task persistence
Additional Data Needed
Author Input Required
changes the require information from original author of the rules
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
Work In Progress
Some changes are needed
#5879
opened Feb 21, 2026 by
dlogoh
add: Linux Suspicious Setcap Use with All Capabilities
Linux
Pull request add/update linux related rules
Review Needed
The PR requires review
Rules
#5878
opened Feb 20, 2026 by
EzLucky
Add caspol network connection
Additional Data Needed
Author Input Required
changes the require information from original author of the rules
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
#5877
opened Feb 20, 2026 by
davidljohnson
Refine ld.so.preload modification detection and improve documentation
Linux
Pull request add/update linux related rules
Review Needed
The PR requires review
Rules
#5873
opened Feb 18, 2026 by
Aadith1422
new: Zillya Antivirus DLL Sideloading Detection
Author Input Required
changes the require information from original author of the rules
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
#5872
opened Feb 17, 2026 by
ksyeung
Add detection for suspicious DNS parsing/execution chain via Run dial…
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
#5871
opened Feb 16, 2026 by
thredb
CVE-2026-21509 APT28 Office Exploitation Detection Rules
Emerging-Threats
Review Needed
The PR requires review
Rules
#5870
opened Feb 16, 2026 by
jaamaal
Add threat hunting rule for single-character binary execution
Linux
Pull request add/update linux related rules
MacOS
Pull request add/update macos related rules
Review Needed
The PR requires review
Rules
Threat-Hunting
Windows
Pull request add/update windows related rules
#5868
opened Feb 14, 2026 by
norbert791
fix: add exclusion webshell rule
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Review Needed
The PR requires review
Rules
#5867
opened Feb 13, 2026 by
Neo23x0
Hunters ledger batch1 arsenal237
Author Input Required
changes the require information from original author of the rules
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
#5866
opened Feb 13, 2026 by
PixelatedContinuum
A readme for placeholder rules
Review Needed
The PR requires review
Rules
#5864
opened Feb 12, 2026 by
zendannyy
Add VBS dropper pattern from recent AgentTesla campaign
Review Needed
The PR requires review
Rules
Windows
Pull request add/update windows related rules
chore: add missing json logs
Review Needed
The PR requires review
#5857
opened Feb 4, 2026 by
swachchhanda000
new: Possible Malicious New Agent Skill Installed via npx skills
Review Needed
The PR requires review
Rules
Threat-Hunting
Windows
Pull request add/update windows related rules
#5855
opened Feb 3, 2026 by
marcopedrinazzi
Improve description and false positives for Linux security tool disablement detection
Author Input Required
changes the require information from original author of the rules
Linux
Pull request add/update linux related rules
Review Needed
The PR requires review
Rules
New Rules: Microsoft Defender for Office 365
Review Needed
The PR requires review
Rules
#5849
opened Jan 31, 2026 by
Luke57
Improve macOS "Credentials from Password Stores - Keychain" rule
MacOS
Pull request add/update macos related rules
Review Needed
The PR requires review
Rules
Improved Linux local account discovery detection and false positives
Linux
Pull request add/update linux related rules
Review Needed
The PR requires review
Rules