Skip to content

Pull requests: sublime-security/sublime-rules

New pull request New
105 Open 4,598 Closed
105 Open 4,598 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Update observed IOC rules - 2026-06-19 shared-samples:excluded:author_membership test-rules:excluded:author_membership
#4704 opened Jun 19, 2026 by github-actions Bot Loading…
1
Update Fake Photo Share rule in-test-rules PR is in our testing suite to collect telemetry
#4702 opened Jun 18, 2026 by cybher0808 Member Loading…
@cybher0808
Create body_suspicious_table_template.yml in-test-rules PR is in our testing suite to collect telemetry
#4701 opened Jun 18, 2026 by IndiaAce Member Loading…
Update impersonation_google_drive_file_share.yml in-test-rules PR is in our testing suite to collect telemetry
#4699 opened Jun 18, 2026 by JFarina5 Member Loading…
Update Brand impersonation: Zoom via lookalike domain rule file name in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4697 opened Jun 18, 2026 by D-Bolton Member Loading…
@markmsublime
Update credential_theft_cloud_storage_impersonation.yml in-test-rules PR is in our testing suite to collect telemetry
#4691 opened Jun 17, 2026 by JFarina5 Member Loading…
Update impersonation_fake_copyright_infringement_notice_from_unsolicited_sender.yml in-test-rules PR is in our testing suite to collect telemetry
#4690 opened Jun 17, 2026 by JFarina5 Member Loading…
Update suspicious_request_for_quote_or_purchase.yml in-test-rules PR is in our testing suite to collect telemetry
#4687 opened Jun 16, 2026 by D-Bolton Member Loading…
Add detection rule for Claude impersonation in-test-rules PR is in our testing suite to collect telemetry
#4683 opened Jun 16, 2026 by cybher0808 Member Loading…
@cybher0808
Enhance detection rules for suspicious requests in-test-rules PR is in our testing suite to collect telemetry
#4672 opened Jun 15, 2026 by peterdj45 Member Loading…
Refine detection rule for Canada Revenue Agency impersonation in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4668 opened Jun 15, 2026 by cybher0808 Member Loading…
@cybher0808
1
Create link_self_sender_ip_check.yml hunting-required Hunts needed to validate rule efficacy test-rules:excluded:link_analysis Link analysis in rule, excluding from test rules
#4667 opened Jun 15, 2026 by D-Bolton Member Loading…
1
Fuzzy attack score test rules in-test-rules PR is in our testing suite to collect telemetry
#4613 opened Jun 4, 2026 by dlynch-sublime Member Loading…
Revise DHL impersonation detection regex in-test-rules PR is in our testing suite to collect telemetry
#4597 opened Jun 3, 2026 by cybher0808 Member Loading…
@cybher0808
1
Expand confusable character coverage in homoglyph detection rules review-needed Indicates that a PR is waiting for review shared-samples:excluded:author_membership test-rules:excluded:author_membership
#4596 opened Jun 2, 2026 by yana-ivanov Loading…
@IndiaAce
10
Create detection rule for BEC tax document requests in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4586 opened Jun 2, 2026 by cybher0808 Member Loading…
@IndiaAce @cybher0808
9
Add detection rule for suspicious PDF links in RFQ/RFP in-test-rules PR is in our testing suite to collect telemetry
#4563 opened May 28, 2026 by peterdj45 Member Loading…
@IndiaAce
4
Modify Callback phishing rule in-test-rules PR is in our testing suite to collect telemetry
#4554 opened May 27, 2026 by cybher0808 Member Loading…
@cybher0808
Create attachment_pdf_base64_javascript_yara.yml
#4542 opened May 26, 2026 by keaton-sublime Member Draft
Modify self-sender rule to detect suspicious links in-test-rules PR is in our testing suite to collect telemetry
#4529 opened May 22, 2026 by peterdj45 Member Loading…
Update impersonation_fake_copyright_infringement_notice_from_unsolicited_sender.yml in-test-rules PR is in our testing suite to collect telemetry
#4526 opened May 21, 2026 by missingn0pe Member Loading…
@IndiaAce @missingn0pe
Update credential_phishing_suspicious_subject_nlu_financial_urgent.yml in-test-rules PR is in our testing suite to collect telemetry
#4519 opened May 20, 2026 by cybher0808 Member Loading…
@cybher0808
Add first_name/last_name concat matching to org_vips body/subject rules in-test-rules PR is in our testing suite to collect telemetry
#4515 opened May 20, 2026 by IndiaAce Member Loading…
Add first_name/last_name concat matching to org_vips sender rules in-test-rules PR is in our testing suite to collect telemetry
#4513 opened May 20, 2026 by IndiaAce Member Loading…
1
Create rule: Generic Financial Document Template in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4498 opened May 15, 2026 by missingn0pe Member Loading…
@IndiaAce @missingn0pe
19
ProTip! Adding no:label will show everything without a label.