Sublime Core Feed
This repo contains open-source Rules for Sublime, a free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing.
Sublime Security
Last updated Mar 21st, 2025
Feed Source
Tactic or Technique is
Rule Name & Severity | Author | Last Updated | Labels | |
|---|---|---|---|---|
Attachment: Calendar invite with suspicious link leading to an open redirect | Sublime Security | 11mo ago Apr 25th, 2024 | /feeds/core/detection-rules/attachment-calendar-invite-with-suspicious-link-leading-to-an-open-redirect-5d6294c7 | |
Attachment: Link to Doubleclick.net Open Redirect | Sublime Security | 4mo ago Oct 24th, 2024 | /feeds/core/detection-rules/attachment-link-to-doubleclicknet-open-redirect-506c16cc | |
Brand impersonation: Microsoft logo or suspicious language with open redirect | Sublime Security | 1y ago Mar 7th, 2024 | /feeds/core/detection-rules/brand-impersonation-microsoft-logo-or-suspicious-language-with-open-redirect-27b8d8d8 | |
Constant Contact link infrastructure abuse | Sublime Security | 2mo ago Jan 11th, 2025 | /feeds/core/detection-rules/constant-contact-link-infrastructure-abuse-8c5e8e4c | |
Fake Zoho Sign template abuse | Sublime Security | 5mo ago Sep 30th, 2024 | /feeds/core/detection-rules/fake-zoho-sign-template-abuse-785fd0d5 | |
Google Accelerated Mobile Pages (AMP) abuse | Sublime Security | 11mo ago Apr 25th, 2024 | /feeds/core/detection-rules/google-accelerated-mobile-pages-amp-abuse-46907029 | |
Google Presentation Open Redirect Phishing | Sublime Security | 3mo ago Dec 17th, 2024 | /feeds/core/detection-rules/google-presentation-open-redirect-phishing-5d01ee3a | |
Image as content with a link to an open redirect (unsolicited) | Sublime Security | 11mo ago Apr 23rd, 2024 | /feeds/core/detection-rules/image-as-content-with-a-link-to-an-open-redirect-unsolicited-f5cec36b | |
Link: Google Calendar invite linking to an open redirect from an untrusted freemail sender | Sublime Security | 5mo ago Oct 10th, 2024 | /feeds/core/detection-rules/link-google-calendar-invite-linking-to-an-open-redirect-from-an-untrusted-freemail-sender-bb4f1ea9 | |
Link: Google Translate (unsolicited) | @ajpc500 | 2y ago Nov 14th, 2023 | /feeds/core/detection-rules/link-google-translate-unsolicited-6949e115 | |
Link: QR code in EML attachment with credential phishing indicators | Sublime Security | 11mo ago Apr 25th, 2024 | /feeds/core/detection-rules/link-qr-code-in-eml-attachment-with-credential-phishing-indicators-9908ed3a | |
Link: Referrer Anonymization Service From Untrusted Sender | Sublime Security | 11d ago Mar 12th, 2025 | /feeds/core/detection-rules/link-referrer-anonymization-service-from-untrusted-sender-9fab2e1e | |
Link to Google Apps Script macro (unsolicited) | Sublime Security | 2y ago Oct 4th, 2023 | /feeds/core/detection-rules/link-to-google-apps-script-macro-unsolicited-d10146df | |
Low reputation link to auto-downloaded HTML file with smuggling indicators | Sublime Security | 10mo ago May 9th, 2024 | /feeds/core/detection-rules/low-reputation-link-to-auto-downloaded-html-file-with-smuggling-indicators-339676c6 | |
Open Redirect: adnxs.com | Sublime Security | 5d ago Mar 18th, 2025 | /feeds/core/detection-rules/open-redirect-adnxscom-7fc92916 | |
Open Redirect: agena-smile.com | Sublime Security | 5d ago Mar 18th, 2025 | /feeds/core/detection-rules/open-redirect-agena-smilecom-4a8ebce6 | |
Open Redirect: amaterasu-for-website-5.com | Sublime Security | 5d ago Mar 18th, 2025 | /feeds/core/detection-rules/open-redirect-amaterasu-for-website-5com-d31f7cb8 | |
Open Redirect: api.spently.com | Sublime Security | 1mo ago Feb 6th, 2025 | /feeds/core/detection-rules/open-redirect-apispentlycom-69740e97 | |
Open redirect: Artisteer | Sublime Security | 6mo ago Sep 11th, 2024 | /feeds/core/detection-rules/open-redirect-artisteer-1f65eec3 | |
Open Redirect: artkaderne | Sublime Security | 7mo ago Aug 23rd, 2024 | /feeds/core/detection-rules/open-redirect-artkaderne-cc16a3f4 | |
Open Redirect: astroarts.co.jp | Sublime Security | 1mo ago Feb 6th, 2025 | /feeds/core/detection-rules/open-redirect-astroartscojp-6dd617af | |
Open redirect: Atdmt | @vector_sec | 2y ago Aug 21st, 2023 | /feeds/core/detection-rules/open-redirect-atdmt-fafbd230 | |
Open redirect: Avast | Sublime Security | 2y ago Oct 4th, 2023 | /feeds/core/detection-rules/open-redirect-avast-5f635658 | |
Open Redirect: bestdeals.today | Sublime Security | 7mo ago Aug 22nd, 2024 | /feeds/core/detection-rules/open-redirect-bestdealstoday-666de100 | |
Open Redirect: Bitrix24 URL Path | Sublime Security | 5d ago Mar 18th, 2025 | /feeds/core/detection-rules/open-redirect-bitrix24-url-path-e3c85e59 | |
Open redirect: BMW USA | Sublime Security | 2y ago Aug 17th, 2023 | /feeds/core/detection-rules/open-redirect-bmw-usa-1bf4e69a | |
Open Redirect: bubblelife.com | Sublime Security | 1mo ago Feb 5th, 2025 | /feeds/core/detection-rules/open-redirect-bubblelifecom-53c9b893 | |
Open Redirect: buildingengines.com | Sublime Security | 5d ago Mar 18th, 2025 | /feeds/core/detection-rules/open-redirect-buildingenginescom-93df711e | |
Open Redirect: Cartoon Network | Sublime Security | 5d ago Mar 18th, 2025 | /feeds/core/detection-rules/open-redirect-cartoon-network-7435e057 | |
Open Redirect: chkc.com.hk | Sublime Security | 7mo ago Aug 22nd, 2024 | /feeds/core/detection-rules/open-redirect-chkccomhk-aa683479 | |
Open redirect: City of Calgary | Sublime Security | 6mo ago Sep 11th, 2024 | /feeds/core/detection-rules/open-redirect-city-of-calgary-00321858 | |
Open Redirect: Club-OS | Sublime Security | 5mo ago Oct 8th, 2024 | /feeds/core/detection-rules/open-redirect-club-os-c6286914 | |
Open Redirect: convertcart.com | Sublime Security | 27d ago Feb 24th, 2025 | /feeds/core/detection-rules/open-redirect-convertcartcom-deab563d | |
Open redirect: Dell | Sublime Security | 5mo ago Oct 4th, 2024 | /feeds/core/detection-rules/open-redirect-dell-718c2b0f | |
Open Redirect: designsori.com | Sublime Security | 1mo ago Jan 28th, 2025 | /feeds/core/detection-rules/open-redirect-designsoricom-4c38ff47 | |
Open Redirect: documentmailbox.com | Sublime Security | 7mo ago Aug 22nd, 2024 | /feeds/core/detection-rules/open-redirect-documentmailboxcom-9b2e9179 | |
Open redirect: Doubleclick.net | Sublime Security | 8mo ago Jul 8th, 2024 | /feeds/core/detection-rules/open-redirect-doubleclicknet-9c620146 | |
Open Redirect: eaoko.org | Sublime Security | 5d ago Mar 18th, 2025 | /feeds/core/detection-rules/open-redirect-eaokoorg-f8fd9912 | |
Open Redirect: easycamp.com | Sublime Security | 2mo ago Dec 31st, 2024 | /feeds/core/detection-rules/open-redirect-easycampcom-f05d377d | |
Open Redirect: embluemail.com | Sublime Security | 1mo ago Feb 6th, 2025 | /feeds/core/detection-rules/open-redirect-embluemailcom-48c5abd3 | |
Open Redirect: emlakarsa | Sublime Security | 6mo ago Sep 9th, 2024 | /feeds/core/detection-rules/open-redirect-emlakarsa-ce5d5b63 | |
Open Redirect: emp.eduyield.com | Sublime Security | 1mo ago Jan 27th, 2025 | /feeds/core/detection-rules/open-redirect-empeduyieldcom-860e1381 | |
Open Redirect: eodcnetworkdirect.com | Sublime Security | 6mo ago Sep 16th, 2024 | /feeds/core/detection-rules/open-redirect-eodcnetworkdirectcom-ef31283e | |
Open Redirect: events.csiro.au | Sublime Security | 6mo ago Sep 18th, 2024 | /feeds/core/detection-rules/open-redirect-eventscsiroau-836f9a98 | |
Open Redirect: ExacTag | Sublime Security | 7mo ago Aug 22nd, 2024 | /feeds/core/detection-rules/open-redirect-exactag-5e40ea99 | |
Open Redirect: fenc.com | Sublime Security | 5mo ago Oct 8th, 2024 | /feeds/core/detection-rules/open-redirect-fenccom-6ff1ab52 | |
Open Redirect: g7.fr | Sublime Security | 7mo ago Aug 22nd, 2024 | /feeds/core/detection-rules/open-redirect-g7fr-4a8dbc58 | |
Open redirect: giving.lluh.org | Sublime Security | 4mo ago Oct 30th, 2024 | /feeds/core/detection-rules/open-redirect-givinglluhorg-a2bf1099 | |
Open Redirect (go2.aspx) leading to Microsoft credential phishing | Sublime Security | 11mo ago Apr 25th, 2024 | /feeds/core/detection-rules/open-redirect-go2aspx-leading-to-microsoft-credential-phishing-51667096 | |
Open redirect: Google Ad Services | Sublime Security | 10mo ago May 10th, 2024 | /feeds/core/detection-rules/open-redirect-google-ad-services-9f91d33b |