diff --git a/network/detection/pgsql-detect.yaml b/network/detection/pgsql-detect.yaml
new file mode 100644
index 0000000000..fc8af112ce
--- /dev/null
+++ b/network/detection/pgsql-detect.yaml
@@ -0,0 +1,30 @@
+id: pgsql-detect
+
+info:
+ name: Postgresql Detection
+ author: nybble04
+ severity: info
+ description: |
+ Detects if a Postgresql RDBMS server is running on the target.
+ metadata:
+ verified: true
+ tags: network,postgresql,db
+
+network:
+ - inputs:
+ - data: "000000500003000075736572006e75636c6569006461746162617365006e75636c6569006170706c69636174696f6e5f6e616d65007073716c00636c69656e745f656e636f64696e6700555446380000"
+ type: hex
+ - data: "7000000036534352414d2d5348412d32353600000000206e2c2c6e3d2c723d000000000000000000000000000000000000000000000000"
+ type: hex
+
+ host:
+ - "{{Hostname}}"
+ - "{{Host}}:5432"
+ read-size: 2048
+
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "SCRAM-SHA-256"
+ - "Mpassword authentication failed for user"
\ No newline at end of file
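Review bot: The two entries under `words` only fire when the server offers SCRAM-SHA-256 or returns a password failure, so an instance using md5 or trust authentication, or one whose pg_hba.conf has no entry for the scanning host, would probably go undetected. Adding the server's rejection text as a third word, `- "no pg_hba.conf entry for host"`, would cover the last case; the md5 and trust cases likely need a separate matcher on the authentication response and should be checked against a test server. The two hex `data` blobs are also undocumented: a comment above the first such as `# StartupMessage, protocol 3.0, user/database "nuclei", application_name psql` and above the second `# SASLInitialResponse, mechanism SCRAM-SHA-256, zeroed client nonce` would let a reader audit what is sent without decoding it. The description could also mention that the probe attempts a login as user "nuclei", which may leave an authentication-failure entry in the target's PostgreSQL log.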