sublime-security / sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
☆210 · Updated last week
Alternatives and similar repositories for sublime-platform:
Users that are interested in sublime-platform are comparing it to the libraries listed below
- Sublime rules for email attack detection, prevention, and threat hunting. ☆304 · Updated this week
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … ☆127 · Updated 9 months ago
- Docker image for Velocidex Velociraptor ☆126 · Updated 2 months ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par… ☆253 · Updated 5 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆245 · Updated last month
- MISP Playbooks ☆199 · Updated 2 months ago
- An open-source Sigma conversion tool built using pySigma ☆125 · Updated 4 months ago
- Rules generated from our investigations. ☆194 · Updated last month
- Docker image for MISP ☆127 · Updated last month
- A standard for reducing log volume without sacrificing analytical capability ☆204 · Updated 2 months ago
- LotL RMM ☆174 · Updated last month
- Rapidly Search and Hunt through Linux Forensics Artifacts ☆188 · Updated last year
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆293 · Updated this week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques ☆132 · Updated last year
- The Sigma command line interface based on pySigma ☆152 · Updated 3 weeks ago
- Tools for simulating threats ☆183 · Updated last year
- ☆118 · Updated last year
- Repository of attack and defensive information for Business Email Compromise investigations ☆251 · Updated 3 months ago
- A repository to share publicly available Velociraptor detection content ☆163 · Updated this week
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆244 · Updated this week
- Convert Sigma rules to SIEM queries, directly in your browser. ☆74 · Updated this week
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆153 · Updated 2 months ago
- A collection of companies that disclose adversary TTPs after they have been breached ☆243 · Updated last year
- This is a collection of threat detection rules / rules engines that I have come across. ☆287 · Updated last year
- ☆87 · Updated 2 months ago
- Cyber Incident Response Team Playbook Battle Cards ☆375 · Updated 11 months ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams. ☆211 · Updated last month
- Zeek-Formatted Threat Intelligence Feeds ☆361 · Updated this week
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆103 · Updated 6 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files. ☆111 · Updated last month