Community
Rule Authors
494 contributors who authored 5,415 Sigma rules across the SigmaHQ repository.
494
Total Authors
5,415
Rules Authored
18
Known GitHub
494 authors
NB
Nasreddine Bencherchali
Nextron Systems
957rules
Sun
624solo
333co-authored
windows / process_creation
View profile
FR
Florian Roth
Nextron Systems
638rules
Wed
393solo
245co-authored
windows / process_creation
View profile
FH
François Hubaut
477rules
Wed
340solo
137co-authored
windows / process_creation
View profile
O
oscd.community
373rules
Sun
0solo
373co-authored
windows / process_creation
View profile
SS
Swachchhanda Shrawan Poudel
Nextron Systems
193rules
Sat
133solo
60co-authored
windows / process_creation
View profile
AS
Austin Songer
115rules
Sun
106solo
9co-authored
azure / activitylogs
View profile
RR
Roberto Rodriguez
Cyb3rWard0g
88rules
Mon
19solo
69co-authored
windows / security
View profile
X
X__Junior
Nextron Systems
88rules
Sat
55solo
33co-authored
windows / process_creation
View profile
TS
Tim Shelton
66rules
Sun
4solo
62co-authored
windows / process_creation
View profile
O
OTR
Open Threat Research
54rules
Wed
2solo
52co-authored
windows / security
View profile
DY
Daniil Yugoslavskiy
52rules
Sun
0solo
52co-authored
windows / process_creation
View profile
MM
Mark Morowczynski
50rules
Thu
1solo
49co-authored
azure / auditlogs
View profile
CB
Christian Burkard
Nextron Systems
48rules
Fri
36solo
12co-authored
windows / process_creation
View profile
JR
Jonhnathan Ribeiro
44rules
Sun
0solo
44co-authored
windows / process_creation
View profile
TZ
Timur Zinniatullin
43rules
Mon
0solo
43co-authored
windows / registry_set
View profile
MN
Markus Neis
41rules
Mon
14solo
27co-authored
windows / process_creation
View profile
BR
Bhabesh Raj
38rules
Tue
31solo
7co-authored
webserver
View profile
ES
Elastic Security
38rules
Thu
1solo
37co-authored
windows / process_creation
View profile
TK
Teymur Kheirkhabarov
38rules
Sun
2solo
36co-authored
windows / process_creation
View profile
K
kostastsale
37rules
Mon
28solo
9co-authored
windows / process_creation
View profile
TP
Thomas Patzke
34rules
Sun
26solo
8co-authored
windows / security
View profile
MF
Muhammad Faisal
32rules
Thu
31solo
1co-authored
bitbucket / audit
View profile
JS
Joseliyo Sanchez
30rules
Wed
28solo
2co-authored
linux / process_creation
View profile
NN
Nikita Nazarov
27rules
Tue
0solo
27co-authored
windows / ps_script
View profile
TR
Tim Rauch
27rules
Tue
0solo
27co-authored
windows / process_creation
View profile
CP
Christopher Peacock
25rules
Fri
1solo
24co-authored
windows / process_creation
View profile
GL
Gloria Lee
25rules
Tue
1solo
24co-authored
azure / riskdetection
View profile
SB
Samir Bousseaden
24rules
Sat
13solo
11co-authored
windows / security
View profile
MA
Max Altgelt
Nextron Systems
23rules
Sun
12solo
11co-authored
windows / process_creation
View profile
PM
Pawel Mazur
22rules
Mon
18solo
4co-authored
linux / auditd
View profile
VS
Victor Sergeev
22rules
Mon
0solo
22co-authored
windows / registry_set
View profile
MM
Martin Mueller
21rules
Sat
12solo
9co-authored
windows / process_creation
View profile
MH
Michael Haag
21rules
Thu
4solo
17co-authored
windows / process_creation
View profile
S
SCYTHE
21rules
Fri
0solo
21co-authored
windows / process_creation
View profile
AB
Andreas Braathen
mnemonic.io
20rules
Wed
17solo
3co-authored
windows / process_creation
View profile
MA
Matt Anderson
19rules
Sun
9solo
10co-authored
windows / process_creation
View profile
SS
Sittikorn S
19rules
Sun
9solo
10co-authored
webserver
View profile
AO
Alejandro Ortuno
18rules
Wed
0solo
18co-authored
macos / process_creation
View profile
SO
Security Onion Solutions
18rules
Fri
opencanary / application
View profile
DP
Dekel Paz
17rules
Sat
0solo
17co-authored
rpc_firewall / application
View profile
MP
Marco Pedrinazzi
InTheCyber
17rules
Sat
16solo
1co-authored
fortigate / event
View profile
SD
Sagie Dulce
17rules
Sat
0solo
17co-authored
rpc_firewall / application
View profile
S
Sreeman
17rules
Mon
12solo
5co-authored
windows / process_creation
View profile
GS
Gleb Sukhodolskiy
15rules
Tue
0solo
15co-authored
windows / registry_set
View profile
JC
Jonathan Cheong
15rules
Tue
0solo
15co-authored
windows / security
View profile
ÖG
Ömer Günal
15rules
Tue
3solo
12co-authored
linux / process_creation
View profile
TM
Tobias Michalski
15rules
Sun
5solo
10co-authored
windows / process_creation
View profile
BD
Beyu Denis
14rules
Sat
0solo
14co-authored
windows / process_creation
View profile
M
MSTIC
14rules
Tue
0solo
14co-authored
linux / process_creation
View profile
SG
Sohan G
D4rkCiph3r
14rules
Tue
12solo
2co-authored
macos / process_creation
View profile
AH
Andreas Hunkeler
13rules
Sat
7solo
6co-authored
windows / process_creation
View profile
EA
E.M. Anhaus (originally from Atomic Blue Detections
13rules
Thu
0solo
13co-authored
windows / process_creation
View profile
E
Endgame)
13rules
Tue
0solo
13co-authored
windows / process_creation
View profile
JN
Josh Nickels
13rules
Sun
2solo
11co-authored
windows / process_creation
View profile
SW
Sander Wiebing
13rules
Sat
1solo
12co-authored
windows / process_creation
View profile
T
TheDFIRReport
13rules
Sat
0solo
13co-authored
windows / process_creation
View profile
@
@neu5ron
12rules
Thu
5solo
7co-authored
windows / security
View profile
AC
Austin Clark
12rules
Sun
cisco / aaa
View profile
BB
Bailey Bercik
12rules
Thu
0solo
12co-authored
azure / auditlogs
View profile
CM
Cedric Maurugeon
12rules
Fri
6solo
6co-authored
linux / process_creation
View profile
HS
Harjot Singh
12rules
Fri
7solo
5co-authored
windows / process_creation
View profile
IO
Ilyas Ochkov
12rules
Sat
0solo
12co-authored
windows / security
View profile
MB
Micah Babinski
12rules
Sun
9solo
3co-authored
windows / process_creation
View profile
W
wagga
12rules
Tue
0solo
12co-authored
windows / process_creation
View profile
AP
Andy Parkidomo
11rules
Thu
0solo
11co-authored
linux / process_creation
View profile
BH
Blake Hartstein
Bloomberg L.P.
11rules
Thu
0solo
11co-authored
linux / process_creation
View profile
IS
Ivan Saakov
11rules
Fri
7solo
4co-authored
aws / cloudtrail
View profile
LL
Li Ling
11rules
Thu
0solo
11co-authored
linux / process_creation
View profile
NS
Natalia Shornikova
11rules
Thu
0solo
11co-authored
windows / process_creation
View profile
O
omkar72
11rules
Wed
4solo
7co-authored
windows / process_creation
View profile
RR
Robert Rakowski
11rules
Thu
0solo
11co-authored
linux / process_creation
View profile
SP
SOC Prime
11rules
Tue
0solo
11co-authored
windows / security
View profile
YH
Yochana Henderson
11rules
Wed
3solo
8co-authored
azure / auditlogs
View profile
AR
Arnim Rupp
10rules
Sun
0solo
10co-authored
antivirus
View profile
E
Ecco
10rules
Sat
1solo
9co-authored
windows / process_creation
View profile
E
elhoim
10rules
Mon
5solo
5co-authored
windows / process_creation
View profile
IF
Igor Fits
10rules
Tue
0solo
10co-authored
linux / auditd
View profile
JM
Janantha Marasinghe
10rules
Sat
6solo
4co-authored
windows / process_creation
View profile
K
kelnage
10rules
Mon
kubernetes / audit
View profile
LT
Leo Tsaousis
10rules
Tue
kubernetes / application / audit
View profile
MD
Mike Duddington
10rules
Thu
7solo
3co-authored
azure / signinlogs
View profile
ZS
Zach Stanford
10rules
Wed
0solo
10co-authored
windows / process_creation
View profile
DB
Daniel Bohannon
/
9rules
Wed
3solo
6co-authored
aws / cloudtrail
View profile
JT
Ján Trenčanský
9rules
Tue
2solo
7co-authored
windows / windefend
View profile
J
juju4
9rules
Sun
5solo
4co-authored
windows / process_creation
View profile
ML
Mikhail Larin
9rules
Fri
0solo
9co-authored
macos / process_creation
View profile
N
NVISO
9rules
Thu
8solo
1co-authored
windows / file_event
View profile
TO
Thurein Oo
9rules
Tue
0solo
9co-authored
webserver
View profile
@
@gott_cyber
8rules
Sun
7solo
1co-authored
windows / process_creation
View profile
@
@oscd_initiative
8rules
Mon
0solo
8co-authored
windows / process_creation
View profile
A
AlertIQ
8rules
Sun
6solo
2co-authored
azure / signinlogs
View profile
AY
Alexandr Yampolskyi
8rules
Tue
0solo
8co-authored
windows / security
View profile
BC
Bartlomiej Czyz
8rules
Sun
0solo
8co-authored
windows / process_creation
View profile
JW
Jakob Weinzettl
8rules
Mon
0solo
8co-authored
linux / auditd
View profile
MC
Milad Cheraghi
8rules
Sat
6solo
2co-authored
linux / auditd
View profile
MH
Moti Harmats
8rules
Sat
jvm / application
View profile
TL
Trent Liffick
8rules
Wed
4solo
4co-authored
windows / process_creation
View profile
VB
Vasiliy Burov
8rules
Wed
1solo
7co-authored
windows / process_creation
View profile
WB
Wietze Beukema
project and research
8rules
Wed
1solo
7co-authored
windows / image_load
View profile
ZM
Zach Mathis
8rules
Wed
4solo
4co-authored
windows / security
View profile
@
@d4ns4n_
7rules
Fri
4solo
3co-authored
linux / process_creation
View profile
@
@serkinvalery
7rules
Fri
6solo
1co-authored
windows / system
View profile
EŞ
Ensar Şamil
7rules
Mon
0solo
7co-authored
windows / process_creation
View profile
J
jamesc-grafana
7rules
Thu
aws / cloudtrail
View profile
JF
Julia Fomina
7rules
Mon
0solo
7co-authored
windows / process_creation
View profile
OT
Open Threat Research
OTR
7rules
Sat
0solo
7co-authored
windows / security
View profile
TU
Tom Ueltschi
7rules
Fri
3solo
4co-authored
windows / process_creation
View profile
AA
Ali Alwashali
6rules
Sun
5solo
1co-authored
windows / application
View profile
A
Antonlovesdnb
6rules
Wed
4solo
2co-authored
windows / image_load
View profile
DK
Daniel Koifman
KoifSec
6rules
Mon
3solo
3co-authored
windows / process_creation
View profile
DA
David ANDRE
additional keywords
6rules
Tue
0solo
6co-authored
windows / process_creation
View profile
F
FPT.EagleEye
6rules
Thu
1solo
5co-authored
windows / process_creation
View profile
FC
Furkan CALISKAN
6rules
Mon
1solo
5co-authored
windows / process_creation
View profile
GL
Georg Lauenstein
sure[secure]
6rules
Sun
1solo
5co-authored
linux / process_creation
View profile
HS
Harish Segar
6rules
Wed
1solo
5co-authored
windows / ps_classic_start
View profile
LG
Luc Génaux
6rules
Wed
5solo
1co-authored
linux / process_creation
View profile
ME
Michael Epping
6rules
Tue
azure / auditlogs
View profile
OK
Omar Khaled
6rules
Tue
4solo
2co-authored
macos / process_creation
View profile
WL
Wojciech Lesicki
6rules
Tue
2solo
4co-authored
windows / security
View profile
X
xknow
6rules
Sun
1solo
5co-authored
windows / security
View profile
AP
Aleksey Potapov
5rules
Fri
0solo
5co-authored
windows / security
View profile
AB
Anish Bogati
5rules
Thu
2solo
3co-authored
windows / registry_set
View profile
AK
Anton Kutepov
5rules
Sun
0solo
5co-authored
windows / process_creation
View profile
CH
Cian Heasley
5rules
Wed
4solo
1co-authored
windows / process_creation
View profile
DS
Dimitrios Slamaris
5rules
Mon
3solo
2co-authored
windows / system
View profile
F
faloker
5rules
Tue
aws / cloudtrail
View profile
FT
FPT.EagleEye Team
5rules
Fri
0solo
5co-authored
windows / process_creation
View profile
H
Huntress
5rules
Tue
0solo
5co-authored
windows / file_event
View profile
JP
James Pemberton
5rules
Sat
3solo
2co-authored
windows / process_creation
View profile
MM
Michael McKinley
5rules
Mon
0solo
5co-authored
windows / process_creation
View profile
NS
Nik Seetharaman
5rules
Mon
3solo
2co-authored
windows / process_creation
View profile
NJ
Norbert Jaśniewicz
AlphaSOC
5rules
Mon
macos / process_creation
View profile
OM
Oddvar Moe
5rules
Wed
0solo
5co-authored
windows / process_creation
View profile
PD
Perez Diego
5rules
Mon
0solo
5co-authored
windows / create_remote_thread
View profile
PC
Pratinav Chandra
5rules
Mon
macos / process_creation
View profile
R
remotephone
5rules
Tue
1solo
4co-authored
macos / process_creation
View profile
TL
Tony Lambert)
5rules
Thu
0solo
5co-authored
windows / process_creation
View profile
TL
Tony Latteri
5rules
Mon
0solo
5co-authored
windows / process_creation
View profile
TL
Tuan Le
NCSGroup
5rules
Mon
3solo
2co-authored
linux / process_creation
View profile
C
Cyb3rEng
4rules
Fri
0solo
4co-authored
windows / process_creation
View profile
EA
E.M. Anhaus
4rules
Thu
0solo
4co-authored
windows / process_creation
View profile
HT
Hieu Tran
4rules
Mon
3solo
1co-authored
windows / process_creation
View profile
J
JHasenbusch
4rules
Tue
0solo
4co-authored
windows / process_creation
View profile
JL
John Lambert
4rules
Sat
1solo
3co-authored
windows / process_creation
View profile
JK
Joseph Kamau
4rules
Fri
windows / process_creation
View profile
KS
Kamran Saifullah
4rules
Mon
3solo
1co-authored
windows / network_connection
View profile
KK
Kirill Kiryanov
4rules
Wed
0solo
4co-authored
windows / process_creation
View profile
MT
Maxime Thiebaut
4rules
Thu
2solo
2co-authored
windows / process_creation
View profile
NS
Nextron Systems
4rules
Thu
3solo
1co-authored
windows / process_creation
View profile
SP
Sai Prashanth Pulisetti
4rules
Sat
1solo
3co-authored
windows / process_creation
View profile
SN
Sajid Nawaz Khan
4rules
Wed
windows / process_creation
View profile
SM
Sean Metcalf
source
4rules
Sun
0solo
4co-authored
windows / ps_script
View profile
SL
Stephen Lincoln
AttackIQ
4rules
Thu
3solo
1co-authored
windows / process_creation
View profile
SP
Subhash Popuri
4rules
Sat
2solo
2co-authored
webserver
View profile
TD
The DFIR Report
4rules
Wed
2solo
2co-authored
windows / file_event
View profile
TB
Tim Brown
4rules
Mon
cisco / bgp
View profile
T
TropChaud
4rules
Mon
windows / process_creation
View profile
VK
Vadim Khrykov
ThreatIntel
4rules
Fri
0solo
4co-authored
windows / process_creation
View profile
_
_pete_0
3rules
Mon
0solo
3co-authored
windows / process_creation
View profile
@
@pbssubhash
3rules
Thu
2solo
1co-authored
windows / file_event
View profile
@
@roxpinteddy
3rules
Sat
windows / file_event
View profile
@
@sbousseaden
3rules
Fri
0solo
3co-authored
windows / security
View profile
AG
Aaron Greetham - NCC Group
3rules
Mon
2solo
1co-authored
windows / dns_query
View profile
AF
Ahmed Farouk
3rules
Fri
1solo
2co-authored
windows / registry_set
View profile
AR
Alexander Rausch
3rules
Wed
windows / file_event
View profile
AS
Andrew Schwartz
3rules
Tue
0solo
3co-authored
windows / file_event
View profile
A
andrewdanis
3rules
Wed
2solo
1co-authored
windows / process_creation
View profile
AS
Avneet Singh
3rules
Sun
0solo
3co-authored
windows / process_creation
View profile
A
Azure-Sentinel
3rules
Sun
0solo
3co-authored
zeek / dns
View profile
BL
Bryan Lim
3rules
Fri
gcp / gcp.audit
View profile
CS
Caleb Stewart
3rules
Tue
0solo
3co-authored
windows / file_event
View profile
CF
Center for Threat Informed DefenseSummiting the Pyramid Team
CTID
3rules
Wed
windows / security
View profile
C
CheraghiMilad
3rules
Mon
0solo
3co-authored
linux / process_creation
View profile
C
CISA
3rules
Mon
windows / image_load
View profile
C
citron_ninja
3rules
Wed
2solo
1co-authored
windows / dns_query
View profile
CM
Connor Martin
3rules
Mon
0solo
3co-authored
windows / security
View profile
CK
Corissa Koopmans
3rules
Mon
azure / auditlogs
View profile
D
D3F7A5105
3rules
Thu
2solo
1co-authored
windows / file_event
View profile
DB
David Burkett
3rules
Sat
linux / auditd
View profile
DL
Dmitriy Lifanov
3rules
Fri
0solo
3co-authored
windows / dns_query
View profile
DU
Dmitry Uchakin
3rules
Tue
0solo
3co-authored
windows / image_load
View profile
ET
EagleEye Team
3rules
Wed
1solo
2co-authored
windows / network_connection
View profile
GK
Gavin Knapp
3rules
Thu
windows / network_connection
View profile
ID
Ian Davis
3rules
Thu
0solo
3co-authored
windows / security
View profile
J
j4son
3rules
Tue
2solo
1co-authored
windows / application
View profile
JR
Jose Rodriguez
3rules
Thu
1solo
2co-authored
windows / msexchange-management
View profile
KG
Konstantin Grishchenko
3rules
Tue
0solo
3co-authored
windows / process_creation
View profile
LR
Liran Ravich
3rules
Wed
2solo
1co-authored
windows / process_creation
View profile
MT
Mangatas Tondang
3rules
Tue
0solo
3co-authored
windows / process_creation
View profile
MR
Marius Rothenbücher
3rules
Wed
0solo
3co-authored
windows / security
View profile
NK
Nikita Khalimonenkov
3rules
Thu
m365 / threat_management
View profile
NM
Nounou Mbeiri
3rules
Wed
0solo
3co-authored
windows / process_creation
View profile
PB
Patrick Bareiss
3rules
Mon
2solo
1co-authored
linux
View profile
QN
Qi Nan
3rules
Mon
0solo
3co-authored
linux / process_creation
View profile
RC
Red Canary
3rules
Wed
0solo
3co-authored
macos / process_creation
View profile
RW
Rich Warren
3rules
Sat
0solo
3co-authored
webserver
View profile
RG
Romain Gaillard
3rules
Mon
github / audit
View profile
SR
Sami Ruohonen
3rules
Tue
2solo
1co-authored
windows / process_creation
View profile
S
sawwinnnaung
3rules
Thu
azure / activitylogs
View profile
SH
Seth Hanford
3rules
Wed
linux / process_creation
View profile
SI
Sorina Ionescu
3rules
Sun
1solo
2co-authored
m365 / threat_management
View profile
ST
Splunk Threat Research Team
original rule
3rules
Tue
0solo
3co-authored
m365 / audit
View profile
S
Swisscom
3rules
Fri
0solo
3co-authored
windows / process_creation
View profile
TB
Tim Burrell
3rules
Thu
windows / process_access
View profile
V
vitaliy0x1
3rules
Tue
aws / cloudtrail
View profile
X
xorxes
3rules
Mon
0solo
3co-authored
windows / security
View profile
@
@41thexplorer
2rules
Tue
1solo
1co-authored
windows / file_event
View profile
@
@barryshooshooga
2rules
Sat
1solo
1co-authored
windows / security
View profile
@
@ionsor
2rules
Tue
1solo
1co-authored
azure / activitylogs
View profile
@
@sam0x90
2rules
Fri
windows / file_event
View profile
@
@scoubimtl
2rules
Mon
windows / file_event
View profile
A
AdmU3
2rules
Tue
1solo
1co-authored
windows / process_creation
View profile
AR
Aedan Russell
2rules
Sun
0solo
2co-authored
windows / process_creation
View profile
AO
Agro oscd.community
2rules
Sat
windows / process_creation
View profile
AN
Ahmed Nosir
2rules
Thu
windows / dns_query
View profile
AH
Alejandro Houspanossian
2rules
Mon
1solo
1co-authored
windows / process_creation
View profile
AC
Alfie Champion
ajpc500
2rules
Wed
1solo
1co-authored
windows / process_creation
View profile
AP
Anna Pham
Huntress
2rules
Fri
0solo
2co-authored
windows / process_creation
View profile
B
BlueDefenZer
2rules
Wed
0solo
2co-authored
windows / security
View profile
B
bohops
2rules
Fri
1solo
1co-authored
windows / process_creation
View profile
C
CD_ROM_
2rules
Wed
1solo
1co-authored
windows / process_creation
View profile
CH
Chad Hudson
2rules
Sun
0solo
2co-authored
windows / process_creation
View profile
CG
Chakib Gzenayi
2rules
Fri
0solo
2co-authored
windows / security
View profile
C
Corelight
2rules
Tue
0solo
2co-authored
zeek / dns
View profile
DC
Daniel Cortez
2rules
Tue
macos / process_creation
View profile
DS
Darin Smith
2rules
Mon
aws / cloudtrail
View profile
DB
David Bertho & Eirik Sveen
2rules
Wed
0solo
2co-authored
windows / registry_set
View profile
DI
Den Iuzvyk
2rules
Sun
windows / image_load
View profile
DA
Dray Agha
2rules
Fri
0solo
2co-authored
windows / process_creation
View profile
ES
Eli Salem
2rules
Thu
0solo
2co-authored
windows / process_creation
View profile
F
fuzzyf10w
2rules
Wed
0solo
2co-authored
windows / smbclient-security
View profile
G
Greg
2rules
Fri
windows / file_event
View profile
HS
Harjot Shah Singh
2rules
Tue
azure / auditlogs
View profile
HM
Hosni Mribah
2rules
Fri
0solo
2co-authored
windows / security
View profile
I
IAI
2rules
Mon
1solo
1co-authored
linux / auditd
View profile
IK
Ilya Krestinichev
2rules
Tue
1solo
1co-authored
windows / process_creation
View profile
ID
Ivan Dyachkov
2rules
Wed
0solo
2co-authored
windows / process_creation
View profile
JL
Jason Lynch
2rules
Tue
1solo
1co-authored
windows / process_creation
View profile
JP
Jason Phang Vern - Onn
2rules
Sat
0solo
2co-authored
macos / file_event
View profile
JR
Jason Rathbun
Blackpoint Cyber
2rules
Mon
windows / process_creation
View profile
JB
Jimmy Bayne
2rules
Thu
1solo
1co-authored
windows / process_creation
View profile
JL
Jose Luis Sanchez Martinez
2rules
Wed
windows / process_creation
View profile
K
Karneades
2rules
Wed
0solo
2co-authored
windows / process_creation
View profile
K/
Karneades / Markus Neis
2rules
Thu
0solo
2co-authored
windows / process_creation
View profile
K
KevTheHermit
2rules
Wed
0solo
2co-authored
windows / smbclient-security
View profile
KA
Kutepov Anton
2rules
Wed
0solo
2co-authored
windows / process_creation
View profile
LB
Lars B. P. Frydenskov
Trifork Security
2rules
Fri
cisco / syslog
View profile
LD
Luca Di Bartolomeo
CrimpSec
2rules
Mon
windows / process_creation
View profile
MK
MahirAli Khan
in/mahiralikhan
2rules
Tue
0solo
2co-authored
windows / process_creation
View profile
ME
Marie Euler
2rules
Mon
1solo
1co-authored
linux / auditd
View profile
MR
Mark Russinovich
2rules
Fri
0solo
2co-authored
windows / security
View profile
MW
Mateusz Wydra
2rules
Mon
0solo
2co-authored
windows / process_creation
View profile
MG
Matthew Green
2rules
Sat
0solo
2co-authored
windows / process_creation
View profile
MV
Mauricio Velazco
2rules
Thu
0solo
2co-authored
windows / security
View profile
MP
Maxim Pavlunin
2rules
Wed
1solo
1co-authored
windows / process_creation
View profile
M
megan201296
2rules
Wed
1solo
1co-authored
windows / registry_event
View profile
M
memory-shards
2rules
Sat
0solo
2co-authored
windows / process_creation
View profile
MA
Meroujan Antonyan
vx3r
2rules
Tue
windows / process_creation
View profile
M
Microsoft
2rules
Thu
0solo
2co-authored
windows / process_creation
View profile
ML
Mohamed LAKRI
2rules
Fri
linux / process_creation
View profile
MK
Mustafa Kaan Demir
2rules
Sun
0solo
2co-authored
windows / file_event
View profile
NT
Nuttakorn T
2rules
Thu
0solo
2co-authored
antivirus
View profile
OI
ok invrep_de
2rules
Fri
0solo
2co-authored
windows / ps_module
View profile
OH
Olaf Hartong
2rules
Fri
1solo
1co-authored
windows / create_remote_thread
View profile
O
Orlinum
2rules
Wed
0solo
2co-authored
windows / security
View profile
PD
Pushkarev Dmitry
2rules
Sat
windows / applocker
View profile
RP
Rafal Piasecki
2rules
Wed
linux / auditd
View profile
R
Relativity
2rules
Thu
0solo
2co-authored
windows / security
View profile
RO
Robbin Ooi Zhen Heng
Gen Digital
2rules
Sat
0solo
2co-authored
macos / file_event
View profile
SW
Saw Win Naung
2rules
Sat
0solo
2co-authored
webserver
View profile
SW
Saw Winn Naung
2rules
Sun
0solo
2co-authored
zeek / dns
View profile
S
Scoubi
2rules
Mon
1solo
1co-authored
windows / file_event
View profile
S
sigma
2rules
Sun
zeek / kerberos
View profile
SC
Stamatis Chatzimangou
2rules
Sun
windows / application
View profile
S
Storebrand
2rules
Wed
0solo
2co-authored
windows / registry_set
View profile
SS
Swachchhanda Shrawn Poudel
Nextron Systems
2rules
Thu
linux / process_creation
View profile
SH
Syed Hasan
2rules
Sat
windows / security
View profile
TC
Teoderick Contreras
2rules
Thu
0solo
2co-authored
linux / file_event
View profile
TD
Thomas Detzner
2rules
Thu
0solo
2co-authored
azure / auditlogs
View profile
TZ
Timur Zinniatullin oscd.community
2rules
Tue
0solo
2co-authored
windows / security
View profile
TU
Tom U.
collection
2rules
Fri
0solo
2co-authored
windows / application
View profile
Y
yxinmiracle
2rules
Fri
1solo
1co-authored
windows / process_creation
View profile
-R
- rule; Teymur Kheirkhabarov
Security Risk Advisors
1rules
Wed
windows / process_creation
View profile
@
@_felamos
1rules
Sat
0solo
1co-authored
windows / process_creation
View profile
@
@blu3_team
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
@
@br4dy5
1rules
Mon
windows / system
View profile
@
@cyb3rjy0t
1rules
Sat
0solo
1co-authored
webserver
View profile
@
@harr0ey
1rules
Sat
0solo
1co-authored
windows / process_creation
View profile
@
@signalblur
1rules
Wed
0solo
1co-authored
zeek / http
View profile
0
0xFustang
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
AS
A. Sungurov
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
AH
Aaron Herman
1rules
Tue
0solo
1co-authored
windows / process_creation
View profile
AS
Aaron Stratton
1rules
Mon
windows / process_creation
View profile
AG
Aayush Gupta
1rules
Tue
linux / process_creation
View profile
AB
Adam Bradbury
1rules
Sun
0solo
1co-authored
windows / security
View profile
AS
Adam Swan
1rules
Fri
0solo
1co-authored
zeek / http
View profile
AA
Adan Alvarez
1rules
Sun
aws / cloudtrail
View profile
AM
Adeem Mawani
1rules
Tue
windows / ldap
View profile
A
Agro
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
AO
Agro oscd.communitly
1rules
Tue
windows / process_creation
View profile
AB
Aidan Bracher
1rules
Tue
windows / registry_event
View profile
AS
Aishwarya Singam
1rules
Sat
0solo
1co-authored
windows / ps_classic_start
View profile
AC
Alec Costello
1rules
Thu
windows / ps_script
View profile
AW
Alex Walston
1rules
Mon
windows / process_creation
View profile
AM
Alexander McDonald
1rules
Fri
windows / process_creation
View profile
AS
alias support)
1rules
Sun
0solo
1co-authored
windows / ps_script
View profile
AS
Alina Stepchenkova
1rules
Fri
0solo
1co-authored
windows / ps_script
View profile
AV
Angelo Violetti - SEC Consult
1rules
Tue
0solo
1co-authored
windows / process_creation
View profile
A
ANosir
1rules
Thu
windows / security
View profile
AC
Antonio Cocomazzi
1rules
Wed
0solo
1co-authored
windows / file_event
View profile
AB
Arda Buyukkaya
EclecticIQ
1rules
Tue
windows / process_creation
View profile
AC
Arun Chauhan
1rules
Fri
windows / process_creation
View profile
AW
Austin Worline
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
AE
Avihay eldad
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
AO
Axel Olsson
1rules
Sun
proxy
View profile
B
B.Talebi
1rules
Thu
windows / registry_set
View profile
B
bartblaze
1rules
Mon
windows / network_connection
View profile
BD
Benjamin Delpy
1rules
Sun
0solo
1co-authored
windows / security
View profile
BP
Bhavin Patel
STRT
1rules
Mon
0solo
1co-authored
webserver
View profile
BK
Bjoern Kimminich
1rules
Mon
sql / application
View profile
BT
BlackBerry Threat Research and Intelligence Team
1rules
Wed
windows / registry_set
View profile
B
blueteam0ps
1rules
Mon
0solo
1co-authored
windows / pipe_created
View profile
B
blueteamer8699
1rules
Mon
windows / process_creation
View profile
BT
Borna Talebi
1rules
Tue
windows / ps_script
View profile
BG
Brandon George
blog post
1rules
Thu
0solo
1co-authored
windows / dns_query
View profile
BI
Brian Ingram
1rules
Fri
0solo
1co-authored
proxy
View profile
CM
C.J. May
1rules
Tue
windows / file_event
View profile
C
CD_R0M_
1rules
Sat
windows / registry_set
View profile
C
CertainlyP
1rules
Fri
windows / network_connection
View profile
C
CheraaghiMilad
1rules
Tue
0solo
1co-authored
linux / process_creation
View profile
CL
Chester Le Bron
1rules
Mon
aws / cloudtrail
View profile
CB
Christophe BROCAS
1rules
Fri
0solo
1co-authored
windows / system
View profile
CS
Craig Sweeney
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
CY
Craig Young
1rules
Sat
0solo
1co-authored
windows / process_creation
View profile
C
CrimpSec
1rules
Fri
0solo
1co-authored
windows / registry_set
View profile
C
Cybex
1rules
Tue
windows / application
View profile
D
daffainfo
1rules
Tue
0solo
1co-authored
webserver
View profile
DB
Dan Beavin)
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
DD
Daniel Degasperi
1rules
Wed
windows / application
View profile
DK
Dave Kennedy
1rules
Fri
0solo
1co-authored
windows / security
View profile
DF
David Faiss
1rules
Mon
windows / process_creation
View profile
DL
David Ledbetter
shellcode
1rules
Sat
0solo
1co-authored
windows / ps_script
View profile
DS
David Strassegger
1rules
Fri
0solo
1co-authored
windows / security
View profile
DS
Demyan Sokolin
1rules
Tue
0solo
1co-authored
windows / system
View profile
DS
Denis Szadkowski
1rules
Sun
0solo
1co-authored
windows / application
View profile
DP
Diego Perez
1rules
Fri
0solo
1co-authored
windows / process_creation
View profile
DB
Diogo Braz
1rules
Thu
aws / cloudtrail
View profile
D/
DIRT / DCSO CyTec
1rules
Sun
0solo
1co-authored
windows / application
View profile
DS
Dominik Schaudel
1rules
Mon
0solo
1co-authored
windows / security
View profile
D
Douglasrose75
1rules
Thu
0solo
1co-authored
fortios / sslvpnd
View profile
D
Duc.Le-GTSC
1rules
Tue
0solo
1co-authored
windows / ps_script
View profile
DM
Dusty Miller
1rules
Thu
windows / dns_query
View profile
FS
Faith Stratton
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
FS
Fatih Sirin
1rules
Fri
windows / process_creation
View profile
FL
Florent Labouyrie
1rules
Fri
windows / process_access
View profile
F
fornotes
1rules
Thu
0solo
1co-authored
windows / file_event
View profile
GL
Gary Lobermier
1rules
Thu
windows / image_load
View profile
GK
Gene Kazimiarovich
1rules
Sun
windows / file_event
View profile
G
GossiTheDog
1rules
Tue
0solo
1co-authored
windows / process_creation
View profile
G
Gregory
1rules
Wed
windows / file_event
View profile
G
Group-IB
1rules
Fri
0solo
1co-authored
windows / ps_script
View profile
HV
Hai Vaknin
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
H
hamid
1rules
Sun
windows / system
View profile
H
hasselj
1rules
Fri
linux / network_connection
View profile
H
HieuTT35
1rules
Thu
0solo
1co-authored
windows / file_event
View profile
HJ
Hunter Juhan
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
HD
Huntress DE&TH Team
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
HL
Huntress Labs
1rules
Fri
0solo
1co-authored
windows / process_creation
View profile
HT
Huntress Team
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
IT
Ialle Teixeira
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
I
idea)
1rules
Sat
0solo
1co-authored
windows / file_event
View profile
I
INIT_6
1rules
Fri
windows / security
View profile
I
IrishDeath
1rules
Mon
0solo
1co-authored
windows / file_event
View profile
IA
Isa Almannaei
1rules
Mon
webserver
View profile
ID
Isaac Dunham
1rules
Thu
windows / network_connection
View profile
IF
Isaac Fernandes
1rules
Wed
windows / image_load
View profile
I
iwillkeepwatch
1rules
Fri
windows / registry_event
View profile
JC
Jack Croock
method
1rules
Tue
0solo
1co-authored
windows / security
View profile
JA
James Ahearn
1rules
Sat
webserver
View profile
JD
James Dickenson
1rules
Mon
0solo
1co-authored
windows / process_access
View profile
JP
James Pemberton / / oscd.community
improvements
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
J
Jason
https://github.com/0xbcf
1rules
Tue
windows / process_creation
View profile
JM
Jason Mull
1rules
Mon
windows / system
View profile
JP
Jay Pandit
1rules
Tue
macos / process_creation
View profile
JW
Jeff Warren/ David Vassallo
method
1rules
Fri
0solo
1co-authored
windows / security
View profile
JS
Jerry Shockley
1rules
Wed
windows / ntlm
View profile
J
jmallette
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
JB
Jonathan Beierle
1rules
Sat
windows / image_load
View profile
JP
Jonathan Peters
Nextron Systems
1rules
Sun
0solo
1co-authored
windows / file_event
View profile
JO
Jose Oregon
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
JA
Joseph A. M.
1rules
Sat
proxy
View profile
JB
Josh Brower
1rules
Sat
zeek / rdp
View profile
JC
Justin C.
1rules
Sun
0solo
1co-authored
windows / process_creation
View profile
K
kagebunsher
1rules
Tue
0solo
1co-authored
windows / process_creation
View profile
KL
Kaspersky Lab
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
K
keepwatch
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
KW
Keith Wright
1rules
Wed
windows / security
View profile
KK
Kiran kumar s
1rules
Sun
0solo
1co-authored
windows / network_connection
View profile
KL
Kris Luzadre
1rules
Tue
0solo
1co-authored
windows / security
View profile
KM
Kyaw Min Thein
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
L
lazarg
1rules
Thu
windows / process_creation
View profile
LA
Lednyov Alexey
1rules
Fri
0solo
1co-authored
windows / registry_set
View profile
LH
Lee Holmes
1rules
Wed
0solo
1co-authored
windows / ps_classic_start
View profile
LP
Lionel PRAT
1rules
Fri
0solo
1co-authored
windows / system
View profile
M
MalGamy
Nextron Systems
1rules
Sun
0solo
1co-authored
windows / process_creation
View profile
M
manasmbellani
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
MD
Margaritis Dimitrios
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
MW
Mark Woan
improvements
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
M
MatilJ
1rules
Wed
0solo
1co-authored
windows / ps_script
View profile
MK
Matt Kelly
list of domains
1rules
Tue
0solo
1co-authored
dns
View profile
MM
Matthew Matchen
1rules
Fri
windows / process_creation
View profile
MF
Maxence Fossat
1rules
Wed
0solo
1co-authored
windows / security
View profile
M
mdecrevoisier
1rules
Tue
windows / openssh
View profile
MM
Michael McIntyre
1rules
Wed
aws / cloudtrail
View profile
MP
Michael Portera
1rules
Thu
zeek / dns
View profile
MR
Michael R.
1rules
Sun
windows / process_creation
View profile
MT
Michael Taggart
1rules
Thu
0solo
1co-authored
windows / file_event
View profile
MV
Michael Vilshin
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
MA
Michaela Adams
1rules
Sun
0solo
1co-authored
windows / security
View profile
MD
Microsoft Defender ATP
1rules
Tue
0solo
1co-authored
windows / process_creation
View profile
MR
Mike Remen
1rules
Tue
0solo
1co-authored
zeek / dce_rpc
View profile
MW
Mike Wade
1rules
Wed
dns
View profile
M
Modexp
1rules
Tue
0solo
1co-authored
windows / process_creation
View profile
MA
Mohamed Abdelghani
1rules
Sun
windows / smbserver-connectivity
View profile
M
montysecurity
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
MM
Moriarty Meng
1rules
Sat
0solo
1co-authored
windows / process_creation
View profile
M
MSFT
1rules
Tue
0solo
1co-authored
windows / process_creation
View profile
M(
MSTI (query
1rules
Sat
0solo
1co-authored
windows / file_event
View profile
M
MSTI
query
1rules
Sat
0solo
1co-authored
windows / process_creation
View profile
M
mttaggart
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
NG
Nate Guagenti
neu5ron
1rules
Mon
zeek / http
View profile
N
NCSC
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
NM
Nilaa Maharjan
1rules
Thu
0solo
1co-authored
fortios / sslvpnd
View profile
NS
Nisarg Suthar
1rules
Fri
windows / process_creation
View profile
NK
Nischal Khadgi
1rules
Thu
windows / registry_set
View profile
NT
Nuttakorn Tungpoonsup
1rules
Fri
0solo
1co-authored
webserver
View profile
OK
Oleg Kolesnikov invrep_de
1rules
Fri
0solo
1co-authored
windows / process_creation
View profile
OF
Omer Faruk Celik
1rules
Tue
windows / system
View profile
ÖG
Ömer Günal and remotephone
1rules
Tue
0solo
1co-authored
linux / process_creation
View profile
OY
Omer Yampel
1rules
Fri
0solo
1co-authored
windows / registry_set
View profile
OG
Omkar Gudhate
1rules
Sun
windows / registry_set
View profile
P
Parth-FourCore
1rules
Thu
0solo
1co-authored
windows / file_access
View profile
PS
Patrick St. John
1rules
Sun
0solo
1co-authored
windows / image_load
View profile
PP
Patryk Prauze - ING Tech
1rules
Mon
windows / process_access
View profile
PM
Peter Matkovski
1rules
Mon
0solo
1co-authored
linux / auditd
View profile
RC
Raphaël CALVET
1rules
Mon
azure / activitylogs
View profile
RT
RedCanary Team
1rules
Wed
0solo
1co-authored
m365 / audit
View profile
RL
Robert Lee
1rules
Thu
windows / security
View profile
RJ
Rohit Jain
1rules
Tue
0solo
1co-authored
proxy
View profile
RA
Romaissa Adjailia
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
RD
Rory Duncan
1rules
Mon
windows / process_creation
View profile
RP
Ryan Plas
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
SP
Saiprashanth Pulisetti
1rules
Fri
windows / file_event
View profile
SS
Samantha Shaw
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
SM
Samuel Monsempes
1rules
Wed
windows / application
View profile
SD
Scott Dermott
1rules
Sun
0solo
1co-authored
windows / security
View profile
SJ
Sean Johnstone | Unit 42
1rules
Sat
aws / cloudtrail
View profile
S
SecurityAura
1rules
Wed
windows / file_event
View profile
SG
Semanur Guneysu
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
SS
Sergey Soldatov
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
SZ
Sergey Zelenskiy
1rules
Sun
0solo
1co-authored
aws / cloudtrail
View profile
SP
Sergio Palacios Dominguez
1rules
Fri
0solo
1co-authored
webserver
View profile
SE
Sherif Eldeeb
1rules
Mon
0solo
1co-authored
windows / process_access
View profile
SS
Sittikorn Sangrattanapitak
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
SP
SOC Prime Team
1rules
Tue
0solo
1co-authored
zeek / dns
View profile
SR
Splunk Research Team
1rules
Mon
windows / create_remote_thread
View profile
SR
Steffen Rogge
dr0pd34d
1rules
Wed
windows / image_load
View profile
SP
Subhash P
1rules
Fri
0solo
1co-authored
windows / file_event
View profile
S
suktech24
1rules
Thu
aws / cloudtrail
View profile
SS
Swachchhanda Shrawan Poude
Nextron Systems
1rules
Tue
0solo
1co-authored
windows / registry_event
View profile
SC
Swisscom CSIRT
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
T
TactiKoolSec
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
TF
Tanner Filip
1rules
Mon
0solo
1co-authored
windows / process_creation
View profile
TP
Thodoris Polyzos
1rules
Mon
windows / security
View profile
T
Thuya
1rules
Sat
0solo
1co-authored
aws / cloudtrail
View profile
T
Tigzy
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
TI
Tim Ismilyaev
1rules
Mon
0solo
1co-authored
macos / process_creation
View profile
TK
Tim Kasper
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
TS
Tim Shelton (fps
1rules
Sun
0solo
1co-authored
windows / ps_script
View profile
TH
Timon Hackenjos
1rules
Fri
windows / create_remote_thread
View profile
T
toffeebr33k
1rules
Mon
aws / cloudtrail
View profile
TK
Tom Kern
1rules
Thu
0solo
1co-authored
windows / image_load
View profile
TD
Tomasz Dyduch
1rules
Fri
0solo
1co-authored
windows / file_event
View profile
T
toopricey
1rules
Sat
aws / cloudtrail
View profile
T
TuanLe
GTSC
1rules
Wed
linux / process_creation
View profile
U
UnicornOfHunt
1rules
Wed
windows / image_load
View profile
VV
Vadim Varganov
1rules
Wed
0solo
1co-authored
windows / file_event
View profile
V
vburov
1rules
Sat
windows / process_creation
View profile
VS
Vladan Sekulic
1rules
Sat
0solo
1co-authored
windows / process_creation
View profile
YO
Yassine Oukessou
1rules
Thu
0solo
1co-authored
windows / process_creation
View profile
Y
yatinwad
1rules
Thu
0solo
1co-authored
windows / dns_query
View profile
Y
YochanaHenderson
1rules
Wed
azure / auditlogs
View profile
YF
Yulia Fomina
1rules
Wed
0solo
1co-authored
windows / process_creation
View profile
ZM
Zaw Min Htun
ZETA
1rules
Sun
0solo
1co-authored
windows / process_creation
View profile