sublime-security / sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
☆168 · Updated this week
Related projects
Alternatives and complementary repositories for sublime-platform
- Sublime rules for email attack detection, prevention, and threat hunting. ☆256 · Updated this week
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par… ☆252 · Updated this week
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … ☆116 · Updated 4 months ago
- Rules generated from our investigations. ☆189 · Updated 3 weeks ago
- ☆114 · Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆203 · Updated last year
- 🏴☠️💰 Another Ransomware gang tracker ☆157 · Updated this week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆198 · Updated this week
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) ☆155 · Updated 2 months ago
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man's SOC. ☆49 · Updated last month
- MISP Playbooks ☆174 · Updated last month
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆130 · Updated this week
- Dettectinator - The Python library for your DeTT&CT YAML files. ☆104 · Updated 2 weeks ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆98 · Updated last month
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https… ☆125 · Updated last year
- Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results ☆251 · Updated this week
- HASH (HTTP Agnostic Software Honeypot) ☆128 · Updated 6 months ago
- A standard for reducing log volume without sacrificing analytical capability ☆189 · Updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆97 · Updated 8 months ago
- ☆83 · Updated 3 months ago
- A repository of my own Sigma detection rules. ☆156 · Updated 2 months ago
- A collection of companies that disclose adversary TTPs after they have been breached ☆241 · Updated 6 months ago
- This is a collection of threat detection rules / rules engines that I have come across. ☆275 · Updated 6 months ago
- Repository of attack and defensive information for Business Email Compromise investigations ☆230 · Updated 2 months ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆145 · Updated last week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques ☆123 · Updated 8 months ago
- God Mode Detection Rules ☆131 · Updated 3 months ago
- Cisco Orbital - Osquery queries by Talos ☆123 · Updated 2 months ago
- The Sigma command line interface based on pySigma ☆136 · Updated 3 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool ☆162 · Updated this week