Sublime Platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, and collaborate with the community. Sublime uses Message Query Language (MQL), a domain-specific language purpose-built for describing behavior in email. MQL is email provider agnostic, enabling defenders to write, run, and share Detections-as-Code. Open-source detection rules and links to community feeds are maintained in the sublime-rules repository. Learn more about MQL: Introduction to Message Query Language. Setup instructions, Docker Quickstart, other deployment methods, documentation, API, release log, and more are available.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Android application for learning about vulnerabilities in modern Android apps and testing pentesting skills.
A collection of disposable and temporary email address domains used for spamming or abusing services.
Repository for apps to be used in Shuffle with compatibility instructions.
A repository providing guidance on mitigating hardware and firmware security vulnerabilities including side-channel attacks, UEFI hardening, and microcode vulnerabilities.
A platform for creating and managing fake phishing campaigns to raise awareness and train users to identify suspicious emails.
Steghide is a steganography program for hiding data in image and audio files.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
King Phisher is a phishing campaign toolkit for testing and promoting user awareness through simulated attacks.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.