A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
☆247 · Updated this week
Alternatives and similar repositories for sublime-platform
Users that are interested in sublime-platform are comparing it to the libraries listed below
- Sublime rules for email attack detection, prevention, and threat hunting. ☆348 · Updated this week
- ☆10 · Jan 22, 2025 · Updated last year
- A command-line tool and module for the free Sublime Analysis API ☆16 · Jun 18, 2024 · Updated last year
- A home for detection content developed by the delivr.to team ☆72 · Aug 10, 2025 · Updated 6 months ago
- A collection of static files maintained by the Sublime team, primarily used for phishing defense. ☆95 · Updated this week
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… ☆1,205 · Dec 29, 2025 · Updated 2 months ago
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. ☆2,199 · Updated this week
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. ☆60 · Mar 12, 2022 · Updated 3 years ago
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident… ☆515 · Feb 19, 2026 · Updated last week
- A Bro package to identify connections that are bursting (lots of data and transferring quickly). ☆13 · Oct 15, 2020 · Updated 5 years ago
- A Python package and command line utility for scanning emails with YARA rules ☆21 · Jan 23, 2026 · Updated last month
- Collaborative Incident Response platform ☆1,396 · Feb 16, 2026 · Updated last week
- A repository to share publicly available Velociraptor detection content ☆196 · Feb 22, 2026 · Updated last week
- ThreatSeeker: Threat Hunting via Windows Event Logs ☆124 · May 16, 2023 · Updated 2 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox. ☆12 · Jul 13, 2017 · Updated 8 years ago
- Collection of generic YARA rules ☆16 · Aug 17, 2025 · Updated 6 months ago
- A curated list of awesome things related to TheHive & Cortex ☆185 · Oct 9, 2021 · Updated 4 years ago
- Collection of example YARA-L rules for use within Google Security Operations ☆473 · Dec 5, 2025 · Updated 2 months ago
- Python script to automatically create sigma rules from The hive observables ☆25 · Mar 17, 2019 · Updated 6 years ago
- Zeek support for Community ID flow hashing. ☆37 · Jul 11, 2023 · Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt ☆40 · Jun 20, 2023 · Updated 2 years ago
- A resource for leveraging Windows and Sysmon event codes in threat hunting and incident response. ☆24 · Sep 29, 2024 · Updated last year
- Your Everyday Threat Intelligence ☆1,951 · Feb 12, 2026 · Updated 2 weeks ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … ☆132 · Jul 19, 2024 · Updated last year
- 🤖 Admyral enables continuous control monitoring for any custom control ☆337 · Nov 27, 2024 · Updated last year
- Zeek plugin to generate data on per-packet sizes and intervals ☆14 · Apr 21, 2020 · Updated 5 years ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆177 · Dec 2, 2025 · Updated 2 months ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK. ☆23 · Aug 21, 2019 · Updated 6 years ago
- Galah: An LLM-powered web honeypot. ☆634 · Jul 24, 2025 · Updated 7 months ago
- Threat Hunting & Incident Investigation with Osquery ☆216 · Mar 30, 2022 · Updated 3 years ago
- Built-in Panther detection rules and policies ☆439 · Updated this week
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. ☆612 · Dec 8, 2025 · Updated 2 months ago
- Substation is a toolkit for routing, normalizing, and enriching security event and audit logs. ☆389 · Jan 20, 2026 · Updated last month
- ☆2,510 · Updated this week
- Detect Tactics, Techniques & Combat Threats ☆2,263 · Jan 21, 2026 · Updated last month
- Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel. ☆324 · Sep 27, 2024 · Updated last year
- ☆169 · Sep 30, 2025 · Updated 5 months ago
- The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonati… ☆939 · Jan 8, 2026 · Updated last month
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆1,059 · Oct 5, 2023 · Updated 2 years ago