sublime-security / sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
☆184 · Updated this week
Alternatives and similar repositories for sublime-platform:
Users that are interested in sublime-platform are comparing it to the libraries listed below
- Sublime rules for email attack detection, prevention, and threat hunting. ☆276 · Updated this week
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par… ☆254 · Updated 3 months ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … ☆121 · Updated 7 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆142 · Updated last week
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆228 · Updated last year
- Docker image for Velocidex Velociraptor ☆120 · Updated 8 months ago
- Docker image for MISP ☆123 · Updated last month
- An open-source Sigma conversion tool built using pySigma ☆117 · Updated 2 months ago
- MISP Playbooks ☆186 · Updated 2 weeks ago
- 🏴☠️💰 Another ransomware gang tracker ☆179 · Updated this week
- Rules generated from our investigations. ☆193 · Updated 4 months ago
- ☆83 · Updated last month
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques ☆132 · Updated last year
- A tool that allows you to document and assess any security automation in your SOC ☆46 · Updated 4 months ago
- Repository of attack and defensive information for Business Email Compromise investigations ☆246 · Updated last month
- LotL RMM ☆129 · Updated 2 weeks ago
- The Sigma command line interface based on pySigma ☆146 · Updated this week
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆251 · Updated this week
- Collection of useful Canary tools ☆75 · Updated 2 weeks ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆156 · Updated 2 weeks ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams. ☆205 · Updated this week
- A standard for reducing log volume without sacrificing analytical capability ☆199 · Updated last week
- Import CrowdStrike Threat Intelligence into your instance of MISP ☆43 · Updated 4 months ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats ☆162 · Updated last year
- An automated Breach and Attack Simulation lab with Terraform. Built for IaC stability, consistency, and speed. ☆183 · Updated 8 months ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆102 · Updated 4 months ago
- This is a collection of threat detection rules / rules engines that I have come across. ☆283 · Updated 9 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆186 · Updated this week
- Cyber Incident Response Team Playbook Battle Cards ☆370 · Updated 9 months ago
- A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you com… ☆167 · Updated last week