Home/Network IDS rules
IDS / IPS

Network IDS rules

926 rules · linked to T1041 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 926
et-open command-and-control
ET RETIRED PoisonIvy HTTP CnC Beacon
sid 2021523 format suricata
et-open command-and-control
ET MALWARE Sakula/Mivast RAT CnC Beacon 6
sid 2021569 format suricata
et-open command-and-control
ET MALWARE Sakula/Mivast RAT CnC Beacon 7
sid 2021570 format suricata
et-open targeted-activity
ET MALWARE APT Lurker POST CnC Beacon
sid 2021584 format suricata
et-open targeted-activity
ET MALWARE APT Lurker GET CnC Beacon
sid 2021585 format suricata
et-open targeted-activity
ET MALWARE DarkHotel Initial Beacon
sid 2021610 format suricata
et-open pup-activity
ET ADWARE_PUP DealPly Adware CnC Beacon
sid 2021618 format suricata
et-open pup-activity
ET ADWARE_PUP DealPly Adware CnC Beacon 2
sid 2021619 format suricata
et-open command-and-control
ET MALWARE Sharik/Smoke CnC Beacon 2
sid 2021631 format suricata
et-open pup-activity
ET ADWARE_PUP DealPly Adware CnC Beacon 3
sid 2021643 format suricata
et-open targeted-activity
ET MALWARE APT Cheshire Cat CnC Beacon
sid 2021719 format suricata
et-open command-and-control
ET MALWARE AlphaCrypt CnC Beacon 3
sid 2021723 format suricata
et-open command-and-control
ET MALWARE Alphacrypt/TeslaCrypt Ransomware CnC Beacon Response
sid 2021724 format suricata
et-open command-and-control
ET MALWARE Win32/Boaxxe.BR CnC Beacon
sid 2021748 format suricata
et-open command-and-control
ET MALWARE SYNful Knock Cisco IOS Router Implant CnC Beacon (INBOUND)
sid 2021785 format suricata
et-open command-and-control
ET MALWARE PlugX UDP CnC Beacon
sid 2021791 format suricata
et-open command-and-control
ET MALWARE Ursnif Variant CnC Beacon
sid 2021813 format suricata
et-open command-and-control
ET MALWARE Ursnif Variant CnC Beacon 3
sid 2021814 format suricata
et-open command-and-control
ET MALWARE Ursnif Variant CnC Beacon 4
sid 2021829 format suricata
et-open command-and-control
ET MALWARE Ransomware Win32/WinPlock.A CnC Beacon 2
sid 2021852 format suricata
et-open command-and-control
ET MALWARE Ransomware Win32/WinPlock.A Successfully Installed CnC Beacon
sid 2021853 format suricata
et-open command-and-control
ET MALWARE Ransomware Win32/WinPlock.A CnC Beacon 3
sid 2021854 format suricata
et-open trojan-activity
ET MALWARE Hawkeye Keylogger SMTP Beacon
sid 2021871 format suricata
et-open command-and-control
ET MALWARE DustySky CnC Beacon
sid 2021919 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android/Kemoge Checkin
sid 2021928 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Android/Kemoge Checkin 2
sid 2021929 format suricata
et-open command-and-control
ET MALWARE Bookworm CnC Beacon
sid 2022073 format suricata
et-open command-and-control
ET MALWARE Bookworm CnC Beacon 2
sid 2022074 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Trojan-Banker.AndroidOS.Acecard.c Checkin
sid 2022137 format suricata
et-open command-and-control
ET MALWARE Matryoshka CnC Beacon 1
sid 2022146 format suricata
et-open command-and-control
ET MALWARE Vawtrak HTTP CnC Beacon
sid 2022225 format suricata
et-open command-and-control
ET MALWARE AlphaCrypt CnC Beacon 5
sid 2022284 format suricata
et-open trojan-activity
ET MOBILE_MALWARE Trojan-Spy.AndroidOS.SmForw/SlemBunk/SLocker Checkin
sid 2022288 format suricata
et-open command-and-control
ET MALWARE Ironhalo CnC Beacon
sid 2022298 format suricata
et-open command-and-control
ET MALWARE AlphaCrypt CnC Beacon 6
sid 2022300 format suricata
et-open command-and-control
ET MALWARE Win32/Bulta CnC Beacon
sid 2022345 format suricata
et-open pup-activity
ET ADWARE_PUP DealPly Adware CnC Beacon 4
sid 2022354 format suricata
et-open command-and-control
ET MALWARE TrochilusRAT CnC Beacon 1
sid 2022360 format suricata
et-open command-and-control
ET MALWARE TrochilusRAT CnC Beacon 2
sid 2022361 format suricata
et-open command-and-control
ET MALWARE Win32/HydraCrypt CnC Beacon 1
sid 2022495 format suricata
et-open command-and-control
ET MALWARE Alphacrypt/TeslaCrypt Ransomware CnC Beacon
sid 2022504 format suricata
et-open command-and-control
ET MALWARE W32/GCman.Backdoor CnC Beacon
sid 2022529 format suricata
et-open command-and-control
ET MALWARE Ransomware Locky CnC Beacon
sid 2022538 format suricata
et-open command-and-control
ET MALWARE Ransomware Locky CnC Beacon
sid 2022665 format suricata
et-open targeted-activity
ET MALWARE APT.Fwits CnC Beacon M1
sid 2022756 format suricata
et-open targeted-activity
ET MALWARE APT.Fwits CnC Beacon M2
sid 2022757 format suricata
et-open command-and-control
ET MALWARE Ransomware Locky CnC Beacon 2
sid 2022769 format suricata
et-open command-and-control
ET MALWARE PowerShell/Agent.A DNS File Transfer CnC Beacon
sid 2022837 format suricata
et-open command-and-control
ET MALWARE Ransomware Locky CnC Beacon 4 21 May
sid 2022844 format suricata
et-open pup-activity
ET ADWARE_PUP MSIL/Adload.AT Beacon
sid 2022893 format suricata
Showing 251-300 of 926
Prev 6 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin