Sigma Rules List PDF

| Rule Title | Rule Author | Ruleset Name | Files / Undetected Files |
|---|---|---|---|
| Autorun Keys Modification | Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton | Sigma Integrated Rule Set (GitHub) | 2140155753952 |
| Suspicious Run Key from Download | Florian Roth | Sigma Integrated Rule Set (GitHub) | 82527415330 |
| Stop Windows Service | Jakob Weinzettl, oscd.community | Sigma Integrated Rule Set (GitHub) | 683139738789 |
| Net.exe Execution | Michael Haag, Mark Woan (improvements), James Pemberton / @4A616D6573 / oscd.community (improvements) | Sigma Integrated Rule Set (GitHub) | 645151535190 |
| Milum malware detection (WildPressure APT) | Ariel Millahuel | SOC Prime Threat Detection Marketplace | 629196824 |
| Non Interactive PowerShell | Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements) | Sigma Integrated Rule Set (GitHub) | 3991193105250 |
| Always Install Elevated Windows Installer | Teymur Kheirkhabarov (idea), Mangatas Tondang (rule), oscd.community | Sigma Integrated Rule Set (GitHub) | 302532655602 |
| File Created with System Process Name | Sander Wiebing | Sigma Integrated Rule Set (GitHub) | 228494413926 |
| Windows Processes Suspicious Parent Directory | vburov | Sigma Integrated Rule Set (GitHub) | 185175292 |
| Shade Ransomware (Sysmon detection) | Ariel Millahuel | SOC Prime Threat Detection Marketplace | 167384016 |
| Suspicious desktop.ini Action | Maxime Thiebaut (@0xThiebaut) | Sigma Integrated Rule Set (GitHub) | 1397422161 |
| System File Execution Location Anomaly | Florian Roth, Patrick Bareiss, Anton Kutepov, oscd.community | Sigma Integrated Rule Set (GitHub) | 1386967622 |
| Nibiru detection (Registry event and CommandLine parameters) | Ariel Millahuel | SOC Prime Threat Detection Marketplace | 114766754640 |
| File deletion via CMD (via cmdline) | Ariel Millahuel | SOC Prime Threat Detection Marketplace | 9238909083 |
| Suspicious Svchost Process | Florian Roth | Sigma Integrated Rule Set (GitHub) | 845991133 |
| Windows PowerShell Web Request | James Pemberton / @4A616D6573 | Sigma Integrated Rule Set (GitHub) | 805020104 |
| Execution from Suspicious Folder | Florian Roth | Sigma Integrated Rule Set (GitHub) | 6439795419 |
| Suspect Svchost Activity | David Burkett | Sigma Integrated Rule Set (GitHub) | 56803187 |
| Direct Autorun Keys Modification | Victor Sergeev, Daniil Yugoslavskiy, oscd.community | Sigma Integrated Rule Set (GitHub) | 549037130 |
| CSRSS.exe spawned from unusual location (possible mimicking) (via cmdline) | SOC Prime Team | SOC Prime Threat Detection Marketplace | 53171011 |
| Swisyn Trojan (Sysmon detection) | Ariel Millahuel | SOC Prime Threat Detection Marketplace | 494316108 |
| Suspicious Program Location with Network Connections | Florian Roth | Sigma Integrated Rule Set (GitHub) | 4820765335 |
| Scheduled Task Creation | Florian Roth | Sigma Integrated Rule Set (GitHub) | 431585473 |
| Startup Folder File Write | Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research) | Sigma Integrated Rule Set (GitHub) | 323029118 |
| Executables Started in Suspicious Folder | Florian Roth | Sigma Integrated Rule Set (GitHub) | 3181562408 |
| Suspicious Program Location Process Starts | Florian Roth | Sigma Integrated Rule Set (GitHub) | 3150712406 |
| Execution File Type Other Than .exe | Max Altgelt | Sigma Integrated Rule Set (GitHub) | 3141993369 |
| Possible Applocker Bypass | juju4 | Sigma Integrated Rule Set (GitHub) | 264915225 |

Author:
Language: English
No. of Pages: 156
PDF Size: 5 MB
Category: Education
Source/Credits: virustotal.com
