Network IDS rules

Home/Network IDS rules

IDS / IPS

1,435 rules · linked to T1566 · Snort / Suricata signatures

Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

◈

Rules

50 shown of 1,435

et-open credential-theft

ET PHISHING Successful Paxful Cryptocurrency Wallet Phish Aug 30 2017

sid 2024621 format suricata

et-open social-engineering

ET PHISHING Possible NatWest Bank Phishing Landing - Title over non SSL

sid 2024622 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish (set) Aug 31 2017

sid 2024638 format suricata

et-open credential-theft

ET PHISHING Successful LocalBitcoins Cryptocurrency Exchange Phish Aug 30 2017

sid 2024640 format suricata

et-open social-engineering

ET PHISHING Possible Raiffeisen Bank Phishing Landing - Title over non SSL

sid 2024770 format suricata

et-open credential-theft

ET PHISHING Successful Banco do Brasil Phish M1 Sep 29 2017

sid 2024782 format suricata

et-open credential-theft

ET PHISHING Successful Banco do Brasil Phish M2 Sep 29 2017

sid 2024783 format suricata

et-open credential-theft

ET PHISHING Successful Banco do Brasil Phish M3 Sep 29 2017

sid 2024784 format suricata

et-open social-engineering

ET PHISHING Possible Scotiabank Phishing Landing - Title over non SSL

sid 2024795 format suricata

et-open credential-theft

ET PHISHING Successful Santander Phish M1 Oct 04 2017

sid 2024800 format suricata

et-open credential-theft

ET PHISHING Successful Santander Phish M2 Oct 04 2017

sid 2024802 format suricata

et-open credential-theft

ET PHISHING Possible Successful Paypal Phishing Domain (IT) Oct 10 2017

sid 2024835 format suricata

et-open credential-theft

ET PHISHING Successful Ziraat Bankasi (TK) Phish M1 Oct 12 2017

sid 2024838 format suricata

et-open credential-theft

ET PHISHING Successful Ziraat Bankasi (TK) Phish M2 Oct 12 2017

sid 2024839 format suricata

et-open credential-theft

ET PHISHING Successful Paypal Phish Oct 16 2017

sid 2024846 format suricata

et-open credential-theft

ET PHISHING Successful Paypal (FR) Phish Oct 16 2017

sid 2024847 format suricata

et-open credential-theft

ET PHISHING Successful HMRC Phish Oct 18 2017

sid 2024850 format suricata

et-open credential-theft

ET PHISHING 401TRG Successful Multi-Email Phish - Observed in Docusign/Dropbox/Onedrive/Gdrive Nov 02 2017

sid 2024942 format suricata

et-open credential-theft

ET PHISHING Successful Raiffeisen Phish Nov 03 2017

sid 2024947 format suricata

et-open credential-theft

ET PHISHING Successful Sparkasse Phish Nov 03 2017

sid 2024948 format suricata

et-open credential-theft

ET PHISHING Successful BankAustria Phish Nov 03 2017

sid 2024949 format suricata

et-open credential-theft

ET PHISHING Successful Generic AES Phish M1 Oct 24 2017

sid 2024997 format suricata

et-open credential-theft

ET PHISHING Successful Generic AES Phish M2 Oct 24 2017

sid 2024998 format suricata

et-open credential-theft

ET PHISHING Successful OWA Phish Apr 25 2017

sid 2024999 format suricata

et-open credential-theft

ET PHISHING Possible Successful Phish to Hostinger Domains Apr 4 M4

sid 2025000 format suricata

et-open credential-theft

ET PHISHING Possible Successful Websocket Credential Phish Sep 15 2017

sid 2025001 format suricata

et-open credential-theft

ET PHISHING Successful Personalized OWA Webmail Phish Oct 04 2016

sid 2025002 format suricata

et-open credential-theft

ET PHISHING Successful TeamIPwned Phish 2016-08-30

sid 2025003 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish (set) Nov 20 2017

sid 2025013 format suricata

et-open credential-theft

ET PHISHING Successful Generic Phish (set) Aug 21 2017

sid 2025026 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish (set) Aug 22 2017

sid 2025027 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish (set) Sep 19 2017

sid 2025028 format suricata

et-open credential-theft

ET PHISHING Successful Generic Phish (set) Sep 28 2017

sid 2025029 format suricata

et-open credential-theft

ET PHISHING Successful Generic Credit Card Information Phish Oct 10 2017

sid 2025030 format suricata

et-open credential-theft

ET PHISHING Successful Office 365 Phish Oct 10 2017 (set)

sid 2025031 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish (set) Oct 26 2017

sid 2025032 format suricata

et-open credential-theft

ET PHISHING Successful Generic Phish (set) Oct 30 2017

sid 2025033 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish Nov 09 2017 (set)

sid 2025034 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish (set) 2017-12-03

sid 2025099 format suricata

et-open credential-theft

ET PHISHING Successful EDU Phish 2017-12-04

sid 2025114 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish (set) 2017-12-04

sid 2025115 format suricata

et-open credential-theft

ET PHISHING Successful Yobit Cryptocurrency Exchange Phish 2017-12-28

sid 2025174 format suricata

et-open credential-theft

ET PHISHING Successful HitBTC Cryptocurrency Exchange Phish 2017-12-28

sid 2025175 format suricata

et-open credential-theft

ET PHISHING Successful Liqui Cryptocurrency Exchange Phish 2017-12-28

sid 2025176 format suricata

et-open credential-theft

ET PHISHING Possible Successful Generic Phish (set) 2018-01-02

sid 2025180 format suricata

et-open social-engineering

ET PHISHING Possible Phishing Landing - Common Multiple JS Unescape May 25 2017

sid 2025227 format suricata

et-open social-engineering

ET PHISHING Possible Compromised Wordpress - Generic Phishing Landing 2018-01-22

sid 2025236 format suricata

et-open social-engineering

ET PHISHING Microsoft Onedrive Phishing Landing 2018-01-29

sid 2025264 format suricata

et-open bad-unknown

ET PHISHING Possible Phishing Redirect 2018-01-30

sid 2025267 format suricata

et-open social-engineering

ET PHISHING TSB Bank / Lloyds Bank Phishing Landing 2018-02-01

sid 2025285 format suricata

Showing 151-200 of 1,435

Prev 4 Next

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin