shhgit vs opencti

Our great sponsors

SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App

WorkOS - The modern identity platform for B2B SaaS

InfluxDB - Power Real-Time Data Analytics at Scale

Our great sponsors

shhgit		opencti
	Project
7	Mentions	9
3,787	Stars	4,617
-	Growth	5.5%
0.0	Activity	10.0
8 months ago	Latest Commit	6 days ago
JavaScript	Language	TypeScript
MIT License	License	GNU General Public License v3.0 or later

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

shhgit

Posts with mentions or reviews of shhgit. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-12-20.

Tencent WeChat is now a GitHub secret scanning partner
3 projects | news.ycombinator.com | 20 Dec 2022
Why do people use plain text for usernames and passwords on Github? A cautionary tale.
1 project | /r/cybersecurity | 3 Sep 2022
Searching across github
1 project | /r/hacking | 18 Jul 2022

Shhgit is a really neat tool for this
Around 50,000 GitHub credentials leaked as metadata inside commits
2 projects | /r/netsec | 13 Apr 2022
TruffleHog v3 – Detect and automatically verify over 600 credential types
3 projects | news.ycombinator.com | 4 Apr 2022

There are a lot of secret detection tools out there. It probably is going to depend a lot on the specific features you care about. I personally really like shhgit[0] which is MIT licensed and is the tool I've found to most match my workflows.
[0]: https://github.com/eth0izzle/shhgit
My MetaMask Private Keys Stolen from GitHub Private Repo in 1 Hour
1 project | news.ycombinator.com | 6 Jan 2022

Assuming that the person you were working with didn't drain your wallet, there are many tools which can be used to actively monitor for commits being done on GitHub with secrets of sort.
The first one that comes to my mind is shhgit (https://github.com/eth0izzle/shhgit)
Anyone can self host it and then add multiple GitHub Dev keys to it. Then this can be used to monitor GitHub commits being done, majority of which can be categorized as "secrets".
Ask HN: What are the best automated tools for keeping credentials out of GitHub?
4 projects | news.ycombinator.com | 9 Aug 2021

opencti

Posts with mentions or reviews of opencti. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-02-08.

GitHub - OpenCTI-Platform/opencti: Open Cyber Threat Intelligence Platform
1 project | /r/SecOpsDaily | 20 Apr 2023
Creating a cyber threat intelligence tool
3 projects | /r/cybersecurity | 8 Feb 2023

It sounds like you want to jump into game development before learning how to write "Hello, world!". Try using any of the open source tools that already do this and sign up for some "free" threat intel tools and learn the lay of the land. https://www.misp-project.org/ https://github.com/OpenCTI-Platform/opencti https://iplists.firehol.org/ https://www.greynoise.io/
Threat analysis visualization?
2 projects | /r/AskNetsec | 2 Aug 2022

An image - OpenCTI IOC Visualisation The system - OpenCTI Github
Cyber Threat Intelligence
1 project | /r/cybersecurity | 2 Jul 2022

Best thing you can do to start your CTI journey is building an OpenCTI server for yourself. After adding some connectors to your openCTI (AlienVault, malpedia, mitre...), you'll have a strong base to practice and learn CTI.
OpenCTI - Open platform for cyber threat intelligence
1 project | /r/CKsTechNews | 1 Apr 2022
Threat Intelligence platform recommendations
1 project | /r/blueteamsec | 2 Nov 2021

If you haven’t yet, check out OpenCTI https://github.com/OpenCTI-Platform/opencti
OpenCTI-Platform/opencti - Open Cyber Threat Intelligence Platform
1 project | /r/GithubSecurityTools | 25 Oct 2021
OpenCTI Version 4.5.4 released
1 project | /r/blueteamsec | 31 May 2021
OpenCTI: Release Version 4.5.0 - more filters are available in the TAXII collection API
1 project | /r/blueteamsec | 29 Apr 2021

What are some alternatives?

When comparing shhgit and opencti you can also consider the following projects:

git-secrets - Prevents you from committing secrets and credentials into git repositories

MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform

trufflehog - Find and verify credentials

deepdarkCTI - Collection of Cyber Threat Intelligence sources from the deep and dark web

gitleaks - Protect and discover secrets using Gitleaks 🔑

firewalla - http://firewalla.com

detect-secrets - A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets

Shuffle - Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

automerge-action - GitHub action to automatically merge pull requests that are ready

CaptfEncoder - Captfencoder is opensource a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.

OSINT-Framework - OSINT Framework

awesome-nodejs-security - Awesome Node.js Security resources

shhgit vs git-secrets opencti vs MISP shhgit vs trufflehog opencti vs deepdarkCTI shhgit vs gitleaks opencti vs firewalla shhgit vs detect-secrets opencti vs Shuffle shhgit vs automerge-action opencti vs CaptfEncoder shhgit vs OSINT-Framework opencti vs awesome-nodejs-security

Compare shhgit vs opencti and see what are their differences.

shhgit

opencti

shhgit

opencti

What are some alternatives?