GitHub RadarBlue team tool

sublime-security/sublime-rules

Sublime rules for email attack detection, prevention, and threat hunting. Primary language: YAML. 364 stars.

YAML364 stars99 forkspushed Jun 12, 2026MIT

Project links:Open GitHub project Back to radar

README Preview

Fetched from GitHub

Sublime Rules ========== by Sublime Security

This repo contains open-source rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Examples ----------

HTML smuggling
VIP / Executive impersonation
Malicious OneNote files
Malicious LNK files
Encrypted zips

Community Rule Feeds ----------

DelivrTo
vector-sec
amitchell516

Learn more ----------

Blog
Docs
Message Query Language (MQL) reference
Release log