sublime-security / sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
☆176 · Updated last week
Alternatives and similar repositories for sublime-platform:
Users who are interested in sublime-platform are comparing it to the libraries listed below.
- Sublime rules for email attack detection, prevention, and threat hunting. ☆269 · Updated this week
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … ☆121 · Updated 6 months ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par… ☆253 · Updated 2 months ago
- An open-source Sigma conversion tool built using pySigma. ☆113 · Updated last month
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆137 · Updated this week
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆218 · Updated last year
- Docker image for Velocidex Velociraptor. ☆118 · Updated 7 months ago
- (no description) ☆86 · Updated 5 months ago
- Rules generated from our investigations. ☆191 · Updated 3 months ago
- Save toil in security operations with Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.). ☆167 · Updated 4 months ago
- A collection of companies that disclose adversary TTPs after they have been breached. ☆244 · Updated 9 months ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams. ☆193 · Updated 2 weeks ago
- MISP Playbooks. ☆182 · Updated last week
- The Sigma command line interface based on pySigma. ☆142 · Updated last week
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆101 · Updated 3 months ago
- Dettectinator - The Python library for your DeTT&CT YAML files. ☆107 · Updated 2 weeks ago
- 🏴‍☠️💰 Another ransomware gang tracker. ☆173 · Updated this week
- This is a collection of threat detection rules / rules engines that I have come across. ☆279 · Updated 8 months ago
- A tool that allows you to document and assess any security automation in your SOC. ☆45 · Updated 2 months ago
- Cisco Orbital - Osquery queries by Talos. ☆129 · Updated 5 months ago
- (no description) ☆82 · Updated 3 weeks ago
- A production-ready Dockerized MISP. ☆196 · Updated 2 weeks ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆154 · Updated last month
- LotL RMM. ☆117 · Updated last week
- Automated YARA Rule Standardization and Quality Assurance Tool. ☆183 · Updated this week
- Open Source Platform for storing, organizing, and searching documents related to cyber threats. ☆159 · Updated last year
- Threat Intel Platform for T-POTs. ☆139 · Updated this week
- A standard for reducing log volume without sacrificing analytical capability. ☆198 · Updated last year
- A repository of my own Sigma detection rules. ☆157 · Updated 4 months ago
- A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you com… ☆167 · Updated 2 months ago