ThreatHunting VS signature-base

Compare ThreatHunting vs signature-base and see what are their differences.


Tools for hunting for threats. (by GossiTheDog)


YARA signature and IOC database for my scanners and tools (by Neo23x0)
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
ThreatHunting signature-base
1 11
556 2,247
- -
4.2 9.2
6 months ago 3 days ago
GNU General Public License v3.0 only GNU General Public License v3.0 or later
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.


Posts with mentions or reviews of ThreatHunting. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-07-26.


Posts with mentions or reviews of signature-base. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-12-20.

What are some alternatives?

When comparing ThreatHunting and signature-base you can also consider the following projects:

malware-ioc - Indicators of Compromises (IOC) of our various investigations

sysmon-config - Sysmon configuration file template with default high-quality event tracing

Loki - Loki - Simple IOC and YARA Scanner

awesome-yara - A curated list of awesome YARA rules, tools, and people.

MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform

reversinglabs-yara-rules - ReversingLabs YARA Rules

audit-node-modules-with-yara - Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles

PetitPotam - PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

yara-python - The Python interface for YARA

YaraHunter - 🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍


uBlock - uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.