Documents

The following setup guides have been contributed by members of the Snort Community for your use. Comments and questions on these documents should be submitted directly to the author by clicking on their names below.


Latest rule documents - Search
1-57797
This rule detects a useless bitshift which was observed in obfuscated malicious Javascript samples.
1-57791
This rule detects the attempted download of Win.Packed.SmokeLoader variants, also known as Conti ransomware by looking for unique data contained within the executable file.
1-57790
This rule detects the attempted download of Win.Malware.Agent malicious executable by looking for specific data used in the executable.
1-57789
This rule detects the attempted download of Win.Trojan.Lazagne malicious executable.
1-57788
This rule detects the attempted download of Win.Trojan.Lazagne malicious executable.
1-57787
This rule detects the attempted download of Win.Malware.Agent malicious executable by looking for specific data used in the executable.