ThreatHunting VS signature-base

Compare ThreatHunting vs signature-base and see what are their differences.

ThreatHunting

Tools for hunting for threats. (by GossiTheDog)

#threat-hunting #nexthink

signature-base

YARA signature and IOC database for my scanners and tools (by Neo23x0)

#Signature #yara-rules #IoC #Scanner #Yara #anti-virus #Hash #threat-hunting #threat-intelligence #Dfir

Our great sponsors

SonarQube - Static code analysis for 29 languages.

Revelo Payroll - Free Global Payroll designed for tech teams

InfluxDB - Collect and Analyze Billions of Data Points in Real Time

Onboard AI - Learn any GitHub repo in 59 seconds

Our great sponsors

ThreatHunting		signature-base
	Project
1	Mentions	11
530	Stars	2,115
-	Growth	-
0.0	Activity	5.4
about 1 month ago	Latest Commit	4 days ago
YARA	Language	YARA
GNU General Public License v3.0 only	License	GNU General Public License v3.0 or later

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

ThreatHunting

Posts with mentions or reviews of ThreatHunting. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-07-26.

NTLM Relay Attack PetitPotam: What We Know So Far
2 projects | /r/sysadmin | 26 Jul 2021

signature-base

Posts with mentions or reviews of signature-base. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-12-20.

Evidence of a log4j attack found - Now what?
2 projects | /r/cybersecurity | 20 Dec 2021

Uses these YARA rules to read JAR, LOG, and TXT files on the system, throwing warnings if any log4shell-looking payloads are found based on those various rules.
APT29 / NOBELIUM VirusTotal retro hunt results using 12 newly release Yara rules
2 projects | /r/blueteamsec | 30 May 2021

Rules https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt29_nobelium_may21.yar
What are the best FOSS YARA rules you would recommend to deploy?
2 projects | /r/blueteamsec | 11 May 2021
OISD Domain Blocklist
4 projects | /r/oisd_blocklist | 16 Mar 2021

What are some alternatives?

When comparing ThreatHunting and signature-base you can also consider the following projects:

malware-ioc - Indicators of Compromises (IOC) of our various investigations

sysmon-config - Sysmon configuration file template with default high-quality event tracing

Loki - Loki - Simple IOC and YARA Scanner

awesome-yara - A curated list of awesome YARA rules, tools, and people.

MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform

reversinglabs-yara-rules - ReversingLabs YARA Rules

audit-node-modules-with-yara - Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles

PetitPotam - PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

blacklist-named

yara-python - The Python interface for YARA

YaraHunter - 🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

uBlock - uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.

signature-base vs malware-ioc

ThreatHunting vs sysmon-config

signature-base vs Loki

signature-base vs awesome-yara

ThreatHunting vs MISP

signature-base vs reversinglabs-yara-rules

signature-base vs audit-node-modules-with-yara

ThreatHunting vs PetitPotam

signature-base vs blacklist-named

signature-base vs yara-python

signature-base vs YaraHunter

signature-base vs uBlock