MISP-tools VS ThreatIngestor

Compare MISP-tools vs ThreatIngestor and see what are their differences.

MISP-tools

Import CrowdStrike Threat Intelligence into your instance of MISP (by CrowdStrike)
crowdstrike crowdstrike-falcon Intel misp pymisp crowdstrike-apis crowdstrike-api threat-hunting threat-intelligence Threatintel falconpy falcon-threat-intelligence crowdstrike-threat-intelligence Python
Source Code
Suggest alternative
Edit details

ThreatIngestor

Extract and aggregate threat intelligence. (by InQuest)
IoC indicators-of-compromise Threatintel threat-intelligence Osint Dfir malware-research security-tools threat-sharing threat-feeds threat-hunting misp fraud-detection threat-analysis intelligence-gathering threat-intelligence-platform Yara soar
Source Code
inquest.readthedocs.io
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
MISP-tools ThreatIngestor
2 1
32 786
- 1.9%
6.0 7.6
9 days ago 3 months ago
Python Python
MIT License GNU General Public License v3.0 only
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

MISP-tools

Posts with mentions or reviews of MISP-tools. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-05-13.
  • Ingesting IOCs in to CS from MISP
    4 projects | /r/crowdstrike | 13 May 2022
    I'd start with intel_client.py (most CS interactions happen here) and indicators.py (the logic for the handling of indicators, a lot of this is PyMISP-specific but it will help you identify data elements you want to bring over).

ThreatIngestor

Posts with mentions or reviews of ThreatIngestor. We have used some of these posts to build our list of alternatives and similar projects.

What are some alternatives?

When comparing MISP-tools and ThreatIngestor you can also consider the following projects:

falconpy - The CrowdStrike Falcon SDK for Python

C2IntelFeeds - Automatically created C2 Feeds

PyMISP - Python library using the MISP Rest API

sysmon-config - Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

threatbus - 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.

YaraHunter - 🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

falcon-query-assets - Welcome to the Falcon Query Assets GitHub page.

harpoon

misp-warninglists - Warning lists to inform users of MISP about potential false-positives or other information in indicators

StalkPhish - StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

cURL_for_OSINT - cURL Tool Usage for OSINT (Open-Source Intelligence)

uzen - Website crawler with YARA detection

MISP-tools vs falconpy ThreatIngestor vs C2IntelFeeds MISP-tools vs PyMISP ThreatIngestor vs sysmon-config MISP-tools vs threatbus ThreatIngestor vs YaraHunter MISP-tools vs falcon-query-assets ThreatIngestor vs harpoon ThreatIngestor vs misp-warninglists ThreatIngestor vs StalkPhish ThreatIngestor vs cURL_for_OSINT ThreatIngestor vs uzen