Skip to content

Pull requests: sublime-security/sublime-rules

New pull request New
132 Open 4,467 Closed
132 Open 4,467 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Update body_advance_fee_new_sender.yml in-test-rules PR is in our testing suite to collect telemetry
#4600 opened Jun 3, 2026 by JFarina5 Member Loading…
Update generic_pdf.yar review-needed Indicates that a PR is waiting for review
#4599 opened Jun 3, 2026 by keaton-sublime Member Loading…
1
Create attachment_pdf_suspicious_financial_lure.yml in-test-rules PR is in our testing suite to collect telemetry
#4598 opened Jun 3, 2026 by keaton-sublime Member Draft
Revise DHL impersonation detection regex in-test-rules PR is in our testing suite to collect telemetry
#4597 opened Jun 3, 2026 by cybher0808 Member Loading…
@cybher0808
Expand confusable character coverage in homoglyph detection rules review-needed Indicates that a PR is waiting for review shared-samples:excluded:author_membership test-rules:excluded:author_membership
#4596 opened Jun 2, 2026 by yana-ivanov Loading…
2
Update impersonation_fake_copyright_infringement_notice_from_unsolicited_sender.yml in-test-rules PR is in our testing suite to collect telemetry
#4595 opened Jun 2, 2026 by JFarina5 Member Loading…
Update spam_fake_photo_share.yml in-test-rules PR is in our testing suite to collect telemetry
#4592 opened Jun 2, 2026 by JFarina5 Member Loading…
Update link_fake_storage_alert.yml in-test-rules PR is in our testing suite to collect telemetry
#4588 opened Jun 2, 2026 by JFarina5 Member Loading…
Create detection rule for BEC tax document requests in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4586 opened Jun 2, 2026 by cybher0808 Member Loading…
@cybher0808
1
Update attachment_pdf_link_sus_lang.yml hunting-required Hunts needed to validate rule efficacy test-rules:excluded:link_analysis Link analysis in rule, excluding from test rules
#4581 opened Jun 1, 2026 by JFarina5 Member Loading…
1
Create attachment_pdf_workersdev.yml in-test-rules PR is in our testing suite to collect telemetry
#4579 opened Jun 1, 2026 by zoomequipd Member Loading…
Update paypal_invoice_abuse.yml in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4577 opened Jun 1, 2026 by markmsublime Member Loading…
1
Update observed IOC rules - 2026-06-02 shared-samples:excluded:author_membership test-rules:excluded:author_membership
#4570 opened May 30, 2026 by github-actions Bot Loading…
4
Create body_self_sender_bold_pdf_link.yml in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4565 opened May 29, 2026 by keaton-sublime Member Loading…
2
Add service abuse detection rule for Datadog alerts in-test-rules PR is in our testing suite to collect telemetry
#4564 opened May 29, 2026 by peterdj45 Member Loading…
Add detection rule for suspicious PDF links in RFQ/RFP in-test-rules PR is in our testing suite to collect telemetry
#4563 opened May 28, 2026 by peterdj45 Member Loading…
Update whitespace stuffing regex and generic document sharing thread exclusion hunting-required Hunts needed to validate rule efficacy test-rules:excluded:link_analysis Link analysis in rule, excluding from test rules test-rules:excluded:manual Manually excluded from test-rules, either by adding this label or removing the in-test-rules label
#4556 opened May 28, 2026 by IndiaAce Member Loading…
1
Modify Callback phishing rule in-test-rules PR is in our testing suite to collect telemetry
#4554 opened May 27, 2026 by cybher0808 Member Loading…
@cybher0808
Create link_base64_recipient_with_arrow.yml in-test-rules PR is in our testing suite to collect telemetry
#4551 opened May 27, 2026 by D-Bolton Member Loading…
Add condition for 'Fax Message Delivered' in detection rule in-test-rules PR is in our testing suite to collect telemetry
#4544 opened May 26, 2026 by peterdj45 Member Loading…
Create attachment_pdf_base64_javascript_yara.yml
#4542 opened May 26, 2026 by keaton-sublime Member Draft
Modify self-sender rule to detect suspicious links in-test-rules PR is in our testing suite to collect telemetry
#4529 opened May 22, 2026 by peterdj45 Member Loading…
Update impersonation_fake_copyright_infringement_notice_from_unsolicited_sender.yml in-test-rules PR is in our testing suite to collect telemetry
#4526 opened May 21, 2026 by missingn0pe Member Loading…
@IndiaAce @missingn0pe
Update brand_impersonation_irs.yml in-test-rules PR is in our testing suite to collect telemetry
#4521 opened May 21, 2026 by markmsublime Member Loading…
Update credential_phishing_suspicious_subject_nlu_financial_urgent.yml in-test-rules PR is in our testing suite to collect telemetry
#4519 opened May 20, 2026 by cybher0808 Member Loading…
@cybher0808
ProTip! Exclude everything labeled bug with -label:bug.