|
About the Rule Signatures category
|
|
0
|
2434
|
September 12, 2022
|
|
SIG:ET HUNTING Possible Sliver Age and Minisign Key Material in Internal TCP Stream
|
|
0
|
51
|
June 10, 2026
|
|
Suricata.eve.alert.severity vs metadata's signature_severity
|
|
1
|
43
|
June 9, 2026
|
|
SIG: ET TROJAN Gamaredon.APT GammaLoad Stage 1 User-Agent Structure
|
|
0
|
46
|
June 4, 2026
|
|
SIG: EarthWorm Reverse SOCKS Handshake and Tunnel Sequence Detection
|
|
6
|
168
|
May 27, 2026
|
|
SIG: BPFDoor icmpShell ICMP artifacts from Rapid7 whitepaper
|
|
12
|
895
|
May 14, 2026
|
|
SID 2069172 Alerts on Benign Activity
|
|
1
|
67
|
May 8, 2026
|
|
Rule 2687428 VMware vCenter DCERPC Out-of-Bounds Write (CVE-2023-34048)
|
|
3
|
57
|
May 7, 2026
|
|
SIG: Suspicious File Delivery from Cloudflare Family Host
|
|
7
|
173
|
April 10, 2026
|
|
SIGS: PoC for Axios NPM package supply chain compromise
|
|
3
|
116
|
April 1, 2026
|
|
SIGS: ET TROJAN MuddyWatter HTTP_VIP Backdoor
|
|
1
|
99
|
March 4, 2026
|
|
Possibly incorrect domain for ET ADWARE_PUP signature
|
|
2
|
65
|
February 25, 2026
|
|
Idea for new rules
|
|
0
|
77
|
February 4, 2026
|
|
Phishing / Crypto Wallet Drainer - psyopanime.net
|
|
2
|
126
|
January 15, 2026
|
|
Wrong malware family attribution 123Stealer
|
|
1
|
75
|
January 15, 2026
|
|
Closer cooperation between OPNsense and Suricata – TLS traffic decryption discussion
|
|
0
|
93
|
December 24, 2025
|
|
SIGS: CastleLoader/RAT
|
|
5
|
163
|
December 19, 2025
|
|
PowerShell Malware from 147.45.178.149
|
|
2
|
129
|
December 18, 2025
|
|
2010677 ET MALWARE Suspicious User-Agent (My Session)
|
|
4
|
105
|
December 5, 2025
|
|
AURA stealer
|
|
7
|
275
|
November 25, 2025
|
|
Suricata not detecting attacks using emerging threats
|
|
0
|
158
|
November 4, 2025
|
|
False Positive 2065016 ET TROJAN BPFDoor Heartbeat (Outbound)
|
|
2
|
218
|
October 6, 2025
|
|
False family: renaming rules from Lumma stealer to GCleaner loader
|
|
1
|
110
|
September 8, 2025
|
|
I want advice on Writing Better Detection Rules
|
|
1
|
159
|
September 2, 2025
|
|
SIG: ET HUNTING Possible JSFireTruck JavaScript Obfuscation
|
|
2
|
188
|
July 14, 2025
|
|
Games and Myths: Mythstealer Spotted in the Wild
|
|
1
|
297
|
July 1, 2025
|
|
Http.dottedquadhost and you
|
|
2
|
578
|
July 1, 2025
|
|
Invalid DNS rule with default snort configurations
|
|
0
|
86
|
June 25, 2025
|
|
External IP Lookup Rules
|
|
1
|
273
|
June 20, 2025
|
|
PayDay Loader
|
|
1
|
129
|
May 27, 2025
|