Pull requests: sublime-security/sublime-rules
Create attachment_qr_code_linking_to_cloudflare_turnstile_challenge.yml
hunting-required
Hunts needed to validate rule efficacy
test-rules:excluded:link_analysis
Link analysis in rule, excluding from test rules
#4256
opened Mar 24, 2026 by
hadojae
Update attachment_pdf_sus_string_single_url.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4255
opened Mar 24, 2026 by
D-Bolton
Create body_three_icons_template.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4254
opened Mar 24, 2026 by
keaton-sublime
•
Draft
New rule: Google Drive embedded image
in-test-rules
PR is in our testing suite to collect telemetry
#4253
opened Mar 23, 2026 by
missingn0pe
Update brand_impersionation_zoom_lookalike.yml
in-test-rules
PR is in our testing suite to collect telemetry
review-needed
Indicates that a PR is waiting for review
#4250
opened Mar 23, 2026 by
D-Bolton
Update impersonation_usps.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4248
opened Mar 23, 2026 by
markmsublime
Create link_suspicious_domain_com_prefix.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4247
opened Mar 23, 2026 by
keaton-sublime
•
Draft
Create body_strange_date_format.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4246
opened Mar 23, 2026 by
keaton-sublime
•
Draft
New rule: Generic document sharing template
in-test-rules
PR is in our testing suite to collect telemetry
#4245
opened Mar 20, 2026 by
missingn0pe
Create service_abuse_microsoft_azure_noreply.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4244
opened Mar 20, 2026 by
markmsublime
Create service_abuse_mimecast_second_stage.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4243
opened Mar 20, 2026 by
MSAdministrator
Create detection rule for ZoomInfo impersonation
in-test-rules
PR is in our testing suite to collect telemetry
#4242
opened Mar 20, 2026 by
cybher0808
Create link_suspicious_action_undisclosed_recipients.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4240
opened Mar 20, 2026 by
MSAdministrator
Update suspicious_subject_procedurally_generated_blob.yml
in-test-rules
PR is in our testing suite to collect telemetry
review-needed
Indicates that a PR is waiting for review
#4239
opened Mar 20, 2026 by
D-Bolton
Update attachment_pdf_sus_string_single_url.yml
in-test-rules
PR is in our testing suite to collect telemetry
review-needed
Indicates that a PR is waiting for review
#4238
opened Mar 20, 2026 by
D-Bolton
Add detection rule for mismatched RAR file extensions
#4236
opened Mar 20, 2026 by
peterdj45
Add ADE Automation
review-needed
Indicates that a PR is waiting for review
shared-samples:excluded:author_membership
#4234
opened Mar 19, 2026 by
srschreiber
•
Draft
Create attachment_ics_aws_lambda_base64_url.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4233
opened Mar 19, 2026 by
markmsublime
Update spam_crypto_giveaway.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4231
opened Mar 19, 2026 by
MSAdministrator
Create service_abuse_github_notifications_sus_link.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4230
opened Mar 19, 2026 by
MSAdministrator
Create attachment_eml_qr_url_leads_to_cloudflare_turnstile.yml
hunting-required
Hunts needed to validate rule efficacy
review-needed
Indicates that a PR is waiting for review
test-rules:excluded:link_analysis
Link analysis in rule, excluding from test rules
#4229
opened Mar 19, 2026 by
hadojae
Update impersonation_benefits_enrollment.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4227
opened Mar 19, 2026 by
markmsublime
Create suspicious_request_account_invoice.yml
in-test-rules
PR is in our testing suite to collect telemetry
#4226
opened Mar 19, 2026 by
cybher0808
Update attachment_encrypted_pdf_cred_theft.yml
in-test-rules
PR is in our testing suite to collect telemetry
review-needed
Indicates that a PR is waiting for review
#4222
opened Mar 18, 2026 by
MSAdministrator
Updating body sources & adding keywords for Fake Legal Notice
in-test-rules
PR is in our testing suite to collect telemetry
#4220
opened Mar 17, 2026 by
missingn0pe