Skip to content

Pull requests: sublime-security/sublime-rules

New pull request New
126 Open 4,510 Closed
126 Open 4,510 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Update attachment_pdf_sus_string_single_url.yml in-test-rules PR is in our testing suite to collect telemetry
#4637 opened Jun 8, 2026 by zoomequipd Member Loading…
Create attachment_pdf_self_service_self_sender.yml in-test-rules PR is in our testing suite to collect telemetry
#4636 opened Jun 8, 2026 by zoomequipd Member Loading…
Create link_concatenated_display_text_pdf_reference.yml in-test-rules PR is in our testing suite to collect telemetry
#4635 opened Jun 8, 2026 by D-Bolton Member Loading…
Update attachment_pdf_link_sus_lang.yml hunting-required Hunts needed to validate rule efficacy test-rules:excluded:link_analysis Link analysis in rule, excluding from test rules
#4634 opened Jun 8, 2026 by zoomequipd Member Loading…
1
Refine name and description for UPS impersonation rule in-test-rules PR is in our testing suite to collect telemetry
#4633 opened Jun 8, 2026 by cybher0808 Member Loading…
@cybher0808
Update Cloud Service Storage Cred in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4631 opened Jun 5, 2026 by cybher0808 Member Loading…
@IndiaAce @cybher0808
1
Update brand_impersonation_adobe_sign.yml in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4630 opened Jun 5, 2026 by JFarina5 Member Loading…
@IndiaAce
1
Beta test rule in-test-rules PR is in our testing suite to collect telemetry
#4613 opened Jun 4, 2026 by dlynch-sublime Member Loading…
Create link_credential_phishing_cloudflare_tunnel_recipient_targeting… in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4610 opened Jun 3, 2026 by D-Bolton Member Loading…
@IndiaAce
1
Update body_business_email_compromise_new_sender.yml in-test-rules PR is in our testing suite to collect telemetry
#4609 opened Jun 3, 2026 by keaton-sublime Member Draft
Update body_advance_fee_new_sender.yml in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4600 opened Jun 3, 2026 by JFarina5 Member Loading…
@IndiaAce
1
Create attachment_pdf_suspicious_financial_lure.yml in-test-rules PR is in our testing suite to collect telemetry
#4598 opened Jun 3, 2026 by keaton-sublime Member Draft
Revise DHL impersonation detection regex in-test-rules PR is in our testing suite to collect telemetry
#4597 opened Jun 3, 2026 by cybher0808 Member Loading…
@cybher0808
1
Expand confusable character coverage in homoglyph detection rules review-needed Indicates that a PR is waiting for review shared-samples:excluded:author_membership test-rules:excluded:author_membership
#4596 opened Jun 2, 2026 by yana-ivanov Loading…
@IndiaAce
8
Create detection rule for BEC tax document requests in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4586 opened Jun 2, 2026 by cybher0808 Member Loading…
@zoomequipd @cybher0808
7
Update observed IOC rules - 2026-06-07 shared-samples:excluded:author_membership test-rules:excluded:author_membership
#4570 opened May 30, 2026 by github-actions Bot Loading…
7
Add service abuse detection rule for Datadog alerts in-test-rules PR is in our testing suite to collect telemetry
#4564 opened May 29, 2026 by peterdj45 Member Loading…
@IndiaAce
2
Add detection rule for suspicious PDF links in RFQ/RFP in-test-rules PR is in our testing suite to collect telemetry review-needed Indicates that a PR is waiting for review
#4563 opened May 28, 2026 by peterdj45 Member Loading…
@IndiaAce
2
Update whitespace stuffing regex and generic document sharing thread exclusion hunting-required Hunts needed to validate rule efficacy test-rules:excluded:link_analysis Link analysis in rule, excluding from test rules test-rules:excluded:manual Manually excluded from test-rules, either by adding this label or removing the in-test-rules label
#4556 opened May 28, 2026 by IndiaAce Member Loading…
1
Modify Callback phishing rule in-test-rules PR is in our testing suite to collect telemetry
#4554 opened May 27, 2026 by cybher0808 Member Loading…
@cybher0808
Create link_base64_recipient_with_arrow.yml in-test-rules PR is in our testing suite to collect telemetry
#4551 opened May 27, 2026 by D-Bolton Member Loading…
Add condition for 'Fax Message Delivered' in detection rule in-test-rules PR is in our testing suite to collect telemetry
#4544 opened May 26, 2026 by peterdj45 Member Loading…
Create attachment_pdf_base64_javascript_yara.yml
#4542 opened May 26, 2026 by keaton-sublime Member Draft
Modify self-sender rule to detect suspicious links in-test-rules PR is in our testing suite to collect telemetry
#4529 opened May 22, 2026 by peterdj45 Member Loading…
Update impersonation_fake_copyright_infringement_notice_from_unsolicited_sender.yml in-test-rules PR is in our testing suite to collect telemetry
#4526 opened May 21, 2026 by missingn0pe Member Loading…
@IndiaAce @missingn0pe
ProTip! Updated in the last three days: updated:>2026-06-05.