HeatShield uses the OWASP ModSecurity Core Rule Set. The Core Rule Set (CRS) is an extremely popular open-source collection of attack detection rules maintained by the Open Web Application Security Project (OWASP).
The Core Rule Set includes rules covering many areas of security including:
You can find the source code for the OWASP ModSecurity Core Rule Set on GitHub.