Home/Network IDS rules
IDS / IPS

Network IDS rules

1,435 rules · linked to T1566 · Snort / Suricata signatures
Network intrusion-detection signatures from open rulesets (ET Open, Snort Community, abuse.ch). These match malicious traffic patterns on the wire. Expand a rule to view its source link.

Rules

50 shown of 1,435
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M1 2018-08-30
sid 2026061 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M2 2018-08-30
sid 2026062 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M3 2018-08-30
sid 2026063 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M4 2018-08-30
sid 2026064 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M5 2018-08-30
sid 2026065 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M6 2018-08-30
sid 2026066 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M7 2018-08-30
sid 2026067 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M8 2018-08-30
sid 2026068 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M9 2018-08-30
sid 2026069 format suricata
et-open social-engineering
ET PHISHING Generic PhishKit Author Comment M10 2018-08-30
sid 2026070 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2018-09-21
sid 2026360 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2018-09-24
sid 2026362 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2018-09-26
sid 2026412 format suricata
et-open credential-theft
ET PHISHING Successful Generic .EDU.TW Phish (Legit Set)
sid 2026430 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2018-10-16
sid 2026492 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2018-10-16
sid 2026493 format suricata
et-open credential-theft
ET PHISHING Possible Successful Phish - Generic Credential POST to Ngrok.io
sid 2026516 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2018-10-18
sid 2026518 format suricata
et-open credential-theft
ET PHISHING Successful Fedex/DHL Phish (set) 2018-10-22
sid 2026529 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2018-10-22
sid 2026530 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish to .ml Domain 2018-10-23
sid 2026532 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish to .cf Domain 2018-10-23
sid 2026533 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish to .ga Domain 2018-10-23
sid 2026534 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish to .gq Domain 2018-10-23
sid 2026535 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish to .gqn Domain 2018-10-23
sid 2026536 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish to zap-webspace.com Webhost 2018-10-25
sid 2026553 format suricata
et-open credential-theft
ET PHISHING Successful Cryptocurrency Exchange Phish (set) 2018-10-25
sid 2026554 format suricata
et-open suspicious-login
ET PHISHING Suspicious Fake Login - Possible Phishing - 2018-12-31
sid 2026746 format suricata
et-open credential-theft
ET PHISHING Suspicious Generic Login - Possible Successful Phish 2019-01-02
sid 2026749 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish to .icu Domain 2019-02-06
sid 2026886 format suricata
et-open credential-theft
ET PHISHING Successful Generic .EDU.CO Phish (Legit Set)
sid 2026894 format suricata
et-open credential-theft
ET PHISHING Successful Generic .EDU.BR Phish (Legit Set)
sid 2026895 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish (set) 2019-02-13
sid 2026902 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish (set) 2019-02-13
sid 2026903 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish (set) 2019-02-13
sid 2026904 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish (set) 2019-02-13
sid 2026905 format suricata
et-open trojan-activity
ET PHISHING Suspicious SSN Parameter in HTTP POST - Possible Phishing
sid 2026908 format suricata
et-open trojan-activity
ET PHISHING Suspicious CVV Parameter in HTTP POST - Possible Phishing
sid 2026909 format suricata
et-open credential-theft
ET PHISHING Possible Successful Generic Phish (set) 2019-03-06
sid 2027046 format suricata
et-open credential-theft
ET PHISHING Possible Successful Phish - Password Submitted to *.000webhostapp.com
sid 2027146 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2019-04-12
sid 2027196 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish 2019-04-30 (set)
sid 2027294 format suricata
et-open credential-theft
ET PHISHING Successful Generic Phish (set) 2019-05-21
sid 2027371 format suricata
et-open social-engineering
ET PHISHING Cloned EWE Telecom Page - Possible Phishing Landing
sid 2027519 format suricata
et-open social-engineering
ET PHISHING Cloned La Banque Postale FR Page - Possible Phishing Landing
sid 2027520 format suricata
et-open social-engineering
ET PHISHING Cloned ATB Bank Online Page - Possible Phishing Landing
sid 2027521 format suricata
et-open social-engineering
ET PHISHING Cloned RBC Royal Bank Page - Possible Phishing Landing
sid 2027522 format suricata
et-open social-engineering
ET PHISHING Cloned CIBC Bank Page - Possible Phishing Landing M1
sid 2027523 format suricata
et-open social-engineering
ET PHISHING Cloned ABSA Bank Page - Possible Phishing Landing
sid 2027524 format suricata
et-open social-engineering
ET PHISHING Cloned Instagram Page - Possible Phishing Landing M1
sid 2027525 format suricata
Showing 251-300 of 1,435
Prev 6 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin