• Sublime Core Feed

Sublime Core Feed

This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.

Sublime Security
Last updated Jun 6th, 2025
Feed Source
Tactic or Technique is
Rule Name & Severity
Author
Last Updated
Labels
Attachment: Archive contains DLL-loading macro
Sublime Security
2y ago
Dec 28th, 2023
/feeds/core/detection-rules/attachment-archive-contains-dll-loading-macro-3a193f5f
Attachment: Link file with UNC path
Sublime Security
2y ago
Aug 21st, 2023
/feeds/core/detection-rules/attachment-link-file-with-unc-path-3b7ee0fb
Attachment: LNK file
@ajpc500
2y ago
Aug 21st, 2023
/feeds/core/detection-rules/attachment-lnk-file-44532abe
Attachment: LNK with embedded content
@ajpc500
2y ago
Aug 21st, 2023
/feeds/core/detection-rules/attachment-lnk-with-embedded-content-41452f7a
Link to auto-download of a suspicious file type (unsolicited)
Sublime Security
3mo ago
Mar 5th, 2025
/feeds/core/detection-rules/link-to-auto-download-of-a-suspicious-file-type-unsolicited-67ae2152
QR code to auto-download of a suspicious file type (unsolicited)
Sublime Security
6mo ago
Nov 20th, 2024
/feeds/core/detection-rules/qr-code-to-auto-download-of-a-suspicious-file-type-unsolicited-eed87ea2