Search Rules

Find specific security detections

open-source · community-driven

Why use Rulezet?

Detection rules are the foundation of any security system. Rulezet gives you one place to share, improve, and trust them — together.

8 Formats
Open source
Community
detect_malware.yar

rule DetectMimikatz
{
    meta:
        author = "community"
        score = 95
        votes = 142
    strings:
        $s1 = "sekurlsa"
    condition:
        $s1
}

A detection rule written alone is only as strong as the person who wrote it. A rule reviewed by a community is battle-tested. Rulezet brings researchers, analysts, and engineers together so every rule gets better — faster.

Who is it for?

Made for everyone in security

From seasoned researchers to curious beginners — Rulezet has a place for you.

Security researcher
You build detection logic

Publish your rules, collect community feedback, track improvements over time, and gain visibility for your work.

SOC analyst
You respond to threats

Find reliable, community-validated rules. Import what works and adapt it to your environment in minutes.

Threat intel engineer
You run rule pipelines

Organize rules into bundles, version them, export in any format, and keep your detection stack in sync.

Student / beginner
You’re learning

Browse real rules written by experts. Comment, ask questions, and propose edits — the community is open to everyone.



Rulezet is fully open source

Read the code, contribute new rule formats, and run your own instance. No vendor lock-in, no black box, no hidden telemetry. Built by the community, for the community.
