Home/Network IDS rules
IDS / IPS

Network IDS rules

926 rules · linked to T1041 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 926
et-open command-and-control
ET MALWARE PunkeyPOS HTTP CnC Beacon 4
sid 2020938 format suricata
et-open command-and-control
ET MALWARE Chthonic CnC Beacon 5
sid 2020944 format suricata
et-open command-and-control
ET MALWARE Win32/Tesch.B CnC Beacon
sid 2020945 format suricata
et-open command-and-control
ET MALWARE Chthonic CnC Beacon 6
sid 2020946 format suricata
et-open pup-activity
ET ADWARE_PUP W32/PicColor Adware CnC Beacon
sid 2020948 format suricata
et-open targeted-activity
ET MALWARE CozyDuke APT HTTP GET CnC Beacon
sid 2020963 format suricata
et-open targeted-activity
ET MALWARE CozyDuke APT HTTP CnC Beacon Response
sid 2020965 format suricata
et-open pup-activity
ET ADWARE_PUP W32/Softpulse PUP Install Failed Beacon
sid 2021027 format suricata
et-open command-and-control
ET MALWARE BePush/Kilim CnC Beacon
sid 2021030 format suricata
et-open command-and-control
ET MALWARE njRAT Variant Outbound CnC Beacon
sid 2021057 format suricata
et-open command-and-control
ET MALWARE Win32/Agent.WVW CnC Beacon 2
sid 2021088 format suricata
et-open command-and-control
ET MALWARE Yahoyah CnC Beacon
sid 2021114 format suricata
et-open command-and-control
ET MALWARE SPEAR CnC Beacon
sid 2021118 format suricata
et-open command-and-control
ET MALWARE SPEAR CnC Beacon 2
sid 2021119 format suricata
et-open command-and-control
ET MALWARE JavaScriptBackdoor HTTP GET CnC Beacon
sid 2021132 format suricata
et-open command-and-control
ET MALWARE H1N1 Loader CnC Beacon M1
sid 2021139 format suricata
et-open command-and-control
ET MALWARE H1N1 Loader CnC Beacon M2
sid 2021140 format suricata
et-open command-and-control
ET MALWARE Linux/Moose HTTP CnC Beacon
sid 2021147 format suricata
et-open command-and-control
ET MALWARE Linux/Moose HTTP CnC Beacon Response
sid 2021148 format suricata
et-open command-and-control
ET MALWARE Possible Linux/Moose Telnet CnC Beacon
sid 2021149 format suricata
et-open command-and-control
ET MALWARE Linux/Moose NAT Traversal CnC Beacon set
sid 2021150 format suricata
et-open command-and-control
ET MALWARE Linux/Moose NAT Traversal CnC Beacon - Sleep
sid 2021151 format suricata
et-open command-and-control
ET MALWARE Linux/Moose NAT Traversal CnC Beacon - Multiple Tunnel
sid 2021152 format suricata
et-open command-and-control
ET MALWARE PunkeyPOS HTTP CnC Beacon 9
sid 2021168 format suricata
et-open pup-activity
ET ADWARE_PUP PUP Win32/Conduit.SearchProtect.O CnC Beacon
sid 2021173 format suricata
et-open targeted-activity
ET MALWARE APT Backspace CnC Beacon
sid 2021184 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Trojan-Banker.AndroidOS.Wroba.m Checkin
sid 2021185 format suricata
et-open command-and-control
ET MALWARE Sakula/Mivast RAT CnC Beacon 2
sid 2021200 format suricata
et-open command-and-control
ET MALWARE Sakula/Mivast RAT CnC Beacon 3
sid 2021201 format suricata
et-open command-and-control
ET MALWARE Win32/Zacom.A CnC Beacon 1
sid 2021213 format suricata
et-open command-and-control
ET MALWARE Win32/Agent.WVW CnC Beacon 1
sid 2021257 format suricata
et-open command-and-control
ET MALWARE Win32/Agent.WVW CnC Beacon 3
sid 2021259 format suricata
et-open command-and-control
ET MALWARE Backdoor.Elise CnC Beacon 1 M1
sid 2021274 format suricata
et-open command-and-control
ET MALWARE Backdoor.Elise CnC Beacon 1 M2
sid 2021275 format suricata
et-open command-and-control
ET MALWARE Backdoor.Elise CnC Beacon 2
sid 2021276 format suricata
et-open command-and-control
ET MALWARE Backdoor.Elise CnC Beacon 3 M1
sid 2021277 format suricata
et-open command-and-control
ET MALWARE Backdoor.Elise CnC Beacon 3 M2
sid 2021278 format suricata
et-open command-and-control
ET MALWARE Mocelpa Client Hello CnC Beacon
sid 2021379 format suricata
et-open command-and-control
ET MALWARE Win32/Denisca.A CnC Beacon
sid 2021385 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android BatteryBotPro Checkin
sid 2021386 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android BatteryBotPro Checkin 2
sid 2021387 format suricata
et-open command-and-control
ET MALWARE Win32/Denisca.A CnC Beacon 2
sid 2021389 format suricata
et-open pup-activity
ET ADWARE_PUP PUP TheSZ AutoUpdate CnC Beacon
sid 2021401 format suricata
et-open command-and-control
ET MALWARE W32/Banload.VZS Banker POST CnC Beacon 1
sid 2021403 format suricata
et-open command-and-control
ET MALWARE W32/Banload.VZS Banker POST CnC Beacon 2
sid 2021404 format suricata
et-open targeted-activity
ET MALWARE SeaDuke CnC Beacon
sid 2021413 format suricata
et-open command-and-control
ET MALWARE Bedep HTTP POST CnC Beacon
sid 2021418 format suricata
et-open command-and-control
ET MALWARE Tsyrval Panda CnC Beacon
sid 2021437 format suricata
et-open command-and-control
ET MALWARE Win32/Bancos.AMM CnC Beacon
sid 2021439 format suricata
et-open command-and-control
ET MALWARE KINS/ZeusVM Variant CnC Beacon
sid 2021520 format suricata
Showing 201-250 of 926
Prev 5 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin