ThreatHunting VS sysmon-config

Compare ThreatHunting vs sysmon-config and see what are their differences.


Tools for hunting for threats. (by GossiTheDog)


Sysmon configuration file template with default high-quality event tracing (by SwiftOnSecurity)
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
ThreatHunting sysmon-config
1 34
556 4,483
- -
4.2 0.0
6 months ago about 1 month ago
GNU General Public License v3.0 only -
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.


Posts with mentions or reviews of ThreatHunting. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-07-26.


Posts with mentions or reviews of sysmon-config. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-05-30.

What are some alternatives?

When comparing ThreatHunting and sysmon-config you can also consider the following projects:

sysmon-modular - A repository of sysmon configuration modules

sigma - Main Sigma Rule Repository

ansible-role-elasticsearch - Ansible Role - Elasticsearch

SysmonTools - Utilities for Sysmon

signature-base - YARA signature and IOC database for my scanners and tools

MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform

vscode-sysmon - Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.


PetitPotam - PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

Event-Forwarding-Guidance - Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

SysmonConfigPusher - Pushes Sysmon Configs

google-cloud-ops-agents-ansible - Ansible Role for Google Cloud Ops