TP

Thomas Patzke

@thomaspatzke @blubbfiction

First rule: Sun Feb 19 2017 01:00:00 GMT+0100 (Central European Standard Time)

Commits on SigmaHQ Pull Requests

Share profile card

0rules authored

26sole author

8co-authored

Top Log Sources

windows / security

windows / process_creation

windows / file_event

Rule Types

28 emerging threat

5 threat hunting

By Severity

critical

2

high

13

medium

14

low

3

informational

2

By Status

stable

13

test

20

experimental

1

deprecated

0

unsupported

0

0

Total Rules

0

Stable Rules

0

High / Critical

0

Log Source Types

Recent RulesAll rules →

ADExplorer Writing Complete AD Snapshot Into .dat File

Wed Jul 09 2025 02:00:00 GMT+0200 (Central European Summer Time)

mediumDetection

WCE wceaux.dll Access

Wed Jun 14 2017 02:00:00 GMT+0200 (Central European Summer Time)

criticalDetection

Failed Code Integrity Checks

Tue Dec 03 2019 01:00:00 GMT+0100 (Central European Standard Time)

informationalDetection

Potential Secure Deletion with SDelete

Wed Jun 14 2017 02:00:00 GMT+0200 (Central European Summer Time)

mediumDetection

Suspicious Spool Service Child Process

Sun Jul 11 2021 02:00:00 GMT+0200 (Central European Summer Time)

Suspicious Process By Web Server Process

Wed Jan 16 2019 01:00:00 GMT+0100 (Central European Standard Time)

Browse all 34 rules by Thomas Patzke

Filter the full rule library to see only their contributions