Home/Network IDS rules
IDS / IPS

Network IDS rules

926 rules · linked to T1041 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 926
et-open command-and-control
ET MALWARE W32/Eclipse.DDOSBot CnC Beacon Response
sid 2018423 format suricata
et-open command-and-control
ET MALWARE W32/Hicrazyk.A Downloader Install CnC Beacon
sid 2018435 format suricata
et-open command-and-control
ET MALWARE W32/Karagany.Downloader CnC Beacon
sid 2018443 format suricata
et-open command-and-control
ET MALWARE W32/HelloBridge.Backdoor Register CnC Beacon
sid 2018474 format suricata
et-open command-and-control
ET MALWARE W32/HelloBridge.Backdoor Login CnC Beacon
sid 2018475 format suricata
et-open trojan-activity
ET MALWARE Putter Panda 3PARA RAT initial beacon
sid 2018555 format suricata
et-open pup-activity
ET ADWARE_PUP W32/RocketfuelNextUp.Adware CnC Beacon
sid 2018565 format suricata
et-open command-and-control
ET MALWARE W32/Asprox.Bot Knock Variant CnC Beacon
sid 2018574 format suricata
et-open command-and-control
ET MOBILE_MALWARE Android/Comll.Banker RAT CnC Beacon
sid 2018630 format suricata
et-open targeted-activity
ET MALWARE W32/Antifulai.APT CnC Beacon 1
sid 2018631 format suricata
et-open targeted-activity
ET MALWARE W32/Antifulai.APT CnC Beacon 2
sid 2018632 format suricata
et-open targeted-activity
ET MALWARE W32/Antifulai.APT CnC Beacon 3
sid 2018633 format suricata
et-open targeted-activity
ET MALWARE W32/Antifulai.APT CnC Beacon 4
sid 2018634 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android Spyware Dowgin Checkin
sid 2018663 format suricata
et-open command-and-control
ET MALWARE W32/Kazy.325252 Variant CnC Beacon 1
sid 2018681 format suricata
et-open command-and-control
ET MALWARE W32/Kazy.325252 Variant CnC Beacon 2
sid 2018682 format suricata
et-open pup-activity
ET ADWARE_PUP W32/SearchSuite Install CnC Beacon
sid 2018753 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Worm.AndroidOS.Selfmite.a Checkin
sid 2018792 format suricata
et-open targeted-activity
ET MALWARE W32/Pgift.Backdoor APT CnC Beacon
sid 2018869 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android/Locker.B Checkin 1
sid 2018945 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android/Locker.B Checkin 2
sid 2018946 format suricata
et-open targeted-activity
ET MALWARE W32/Waterspout.APT Backdoor CnC Beacon
sid 2019115 format suricata
et-open command-and-control
ET MALWARE W32/Bravix.Dropper CnC Beacon
sid 2019128 format suricata
et-open targeted-activity
ET MALWARE APT OSX.XSLCmd CnC Beacon
sid 2019136 format suricata
et-open pup-activity
ET ADWARE_PUP W32/Stan Malvertising.Dropper CnC Beacon
sid 2019145 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android/Code4hk.A Checkin
sid 2019318 format suricata
et-open trojan-activity
ET MOBILE_MALWARE iOS/Xsser Checkin
sid 2019331 format suricata
et-open trojan-activity
ET MOBILE_MALWARE iOS/Xsser checking library version
sid 2019334 format suricata
et-open command-and-control
ET MALWARE W32/BlackEnergy Dirconf CnC Beacon
sid 2019412 format suricata
et-open command-and-control
ET MALWARE FrameworkPOS Covert DNS CnC Beacon 1
sid 2019454 format suricata
et-open command-and-control
ET MALWARE FrameworkPOS Covert DNS CnC Beacon 2
sid 2019455 format suricata
et-open command-and-control
ET MALWARE W32/24x7Help.ScareWare CnC Beacon
sid 2019498 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android/Koler.C Checkin
sid 2019510 format suricata
et-open command-and-control
ET MALWARE W32/Siggen.Dropper CnC Beacon
sid 2019515 format suricata
et-open command-and-control
ET MALWARE OSX/WireLurker CnC Beacon
sid 2019662 format suricata
et-open command-and-control
ET MALWARE OSX/WireLurker CnC Beacon
sid 2019663 format suricata
et-open command-and-control
ET MALWARE Emotet CnC Beacon
sid 2019704 format suricata
et-open command-and-control
ET MALWARE Bamital Headers - Likely CnC Beacon
sid 2019755 format suricata
et-open command-and-control
ET MALWARE Rerdom/Asprox CnC Beacon
sid 2019760 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android.Stealthgenie Checkin
sid 2019805 format suricata
et-open targeted-activity
ET MALWARE W32/DoubleTap.APT Downloader CnC Beacon
sid 2019808 format suricata
et-open command-and-control
ET MALWARE W32/Hyteod.Downloader CnC Beacon
sid 2019824 format suricata
et-open command-and-control
ET MALWARE W32/Wadolin.Downloader CnC Beacon
sid 2019827 format suricata
et-open command-and-control
ET MALWARE W32/Fin4.InfoStealer Uploading User Credentials CnC Beacon
sid 2019829 format suricata
et-open command-and-control
ET MALWARE W32/Syndicasec.Backdoor CnC Beacon
sid 2019831 format suricata
et-open command-and-control
ET MALWARE W32/Dridex POST CnC Beacon
sid 2019891 format suricata
et-open command-and-control
ET MALWARE Cloud Atlas CnC Beacon
sid 2019919 format suricata
et-open command-and-control
ET MALWARE ZhCAT.HackTool Operation Cleaver HTTP CnC Beacon
sid 2019943 format suricata
et-open command-and-control
ET MALWARE W32/Farfli.BHQ!tr Dropper CnC Beacon
sid 2019946 format suricata
et-open command-and-control
ET MALWARE W32/TRCrypt.ULPM Downloader CnC Beacon
sid 2019947 format suricata
Showing 101-150 of 926
Prev 3 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin