Home/Network IDS rules
IDS / IPS

Network IDS rules

52,377 rules · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 52,377
et-open web-application-attack
ET WEB_SPECIFIC_APPS phpx SQL Injection Attempt -- forums.php post_id UPDATE
sid 2004217 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS phpx SQL Injection Attempt -- users.php user_id SELECT
sid 2004218 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS phpx SQL Injection Attempt -- users.php user_id UNION SELECT
sid 2004219 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS phpx SQL Injection Attempt -- users.php user_id INSERT
sid 2004220 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS phpx SQL Injection Attempt -- users.php user_id DELETE
sid 2004221 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS phpx SQL Injection Attempt -- users.php user_id ASCII
sid 2004222 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS phpx SQL Injection Attempt -- users.php user_id UPDATE
sid 2004223 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- functions_filters.asp SELECT
sid 2004224 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- functions_filters.asp UNION SELECT
sid 2004225 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- functions_filters.asp INSERT
sid 2004226 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- functions_filters.asp DELETE
sid 2004227 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- functions_filters.asp ASCII
sid 2004228 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- functions_filters.asp UPDATE
sid 2004229 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- pop_up_member_search.asp name SELECT
sid 2004230 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- pop_up_member_search.asp name UNION SELECT
sid 2004231 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- pop_up_member_search.asp name INSERT
sid 2004232 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- pop_up_member_search.asp name DELETE
sid 2004233 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- pop_up_member_search.asp name UPDATE
sid 2004234 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- page.asp NewsID SELECT
sid 2004235 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- page.asp NewsID UNION SELECT
sid 2004236 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- page.asp NewsID INSERT
sid 2004237 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- page.asp NewsID DELETE
sid 2004238 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- page.asp NewsID ASCII
sid 2004239 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Web Wiz Forums SQL Injection Attempt -- page.asp NewsID UPDATE
sid 2004240 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS PHP-Stats SQL Injection Attempt -- php-stats.recphp.php ip SELECT
sid 2004241 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS PHP-Stats SQL Injection Attempt -- php-stats.recphp.php ip UNION SELECT
sid 2004242 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS PHP-Stats SQL Injection Attempt -- php-stats.recphp.php ip INSERT
sid 2004243 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS PHP-Stats SQL Injection Attempt -- php-stats.recphp.php ip DELETE
sid 2004244 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS PHP-Stats SQL Injection Attempt -- php-stats.recphp.php ip ASCII
sid 2004245 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS PHP-Stats SQL Injection Attempt -- php-stats.recphp.php ip UPDATE
sid 2004246 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Woltlab Burning Board SQL Injection Attempt -- usergroups.php SELECT
sid 2004247 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Woltlab Burning Board SQL Injection Attempt -- usergroups.php UNION SELECT
sid 2004248 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Woltlab Burning Board SQL Injection Attempt -- usergroups.php INSERT
sid 2004249 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Woltlab Burning Board SQL Injection Attempt -- usergroups.php DELETE
sid 2004250 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Woltlab Burning Board SQL Injection Attempt -- usergroups.php ASCII
sid 2004251 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Woltlab Burning Board SQL Injection Attempt -- usergroups.php UPDATE
sid 2004252 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS WSN Guest SQL Injection Attempt -- comments.php id SELECT
sid 2004253 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS WSN Guest SQL Injection Attempt -- comments.php id UNION SELECT
sid 2004254 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS WSN Guest SQL Injection Attempt -- comments.php id INSERT
sid 2004255 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS WSN Guest SQL Injection Attempt -- comments.php id DELETE
sid 2004256 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS WSN Guest SQL Injection Attempt -- comments.php id ASCII
sid 2004257 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS WSN Guest SQL Injection Attempt -- comments.php id UPDATE
sid 2004258 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Particle Blogger SQL Injection Attempt -- post.php postid SELECT
sid 2004259 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Particle Blogger SQL Injection Attempt -- post.php postid UNION SELECT
sid 2004260 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Particle Blogger SQL Injection Attempt -- post.php postid INSERT
sid 2004261 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Particle Blogger SQL Injection Attempt -- post.php postid DELETE
sid 2004262 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Particle Blogger SQL Injection Attempt -- post.php postid ASCII
sid 2004263 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Particle Blogger SQL Injection Attempt -- post.php postid UPDATE
sid 2004264 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Koan Software Mega Mall SQL Injection Attempt -- product_review.php x SELECT
sid 2004265 format suricata
et-open web-application-attack
ET WEB_SPECIFIC_APPS Koan Software Mega Mall SQL Injection Attempt -- product_review.php x UNION SELECT
sid 2004266 format suricata
Showing 551-600 of 52,377
Prev 12 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin