ThreatKB Logo

ThreatKB

0
Free
Visit Website

ThreatKB is a knowledge base workflow management dashboard for YARA rules and C2 artifacts. Rules are categorized and used to denote intent, severity, and confidence in accumulated artifacts. To start using ThreatKB, check out our wiki. Installing by Docker is the currently recommended way of setting up ThreatKB, directions are included as the first link in the wiki. Installation by source is included in the wiki as well. ThreatKB utilizes Plyara to parse YARA rules into Python dictionaries. A huge thank you to the Plyara team! When a release is created, the system first pulls all signatures that are in the release state. Then, it gathers all signatures that are in the staging state and checks their revision history for the most recently released revision that is in the release state. If it finds it, it will include it in the release. If it does not find any previously released revisions, it will

FEATURES

ALTERNATIVES

Real-time monitoring tool for newly issued SSL certificates.

A library of Amazon S3 attack scenarios with mitigation strategies.

Vectra AI offers an AI-driven Attack Signal Intelligence platform that uses advanced machine learning to detect and respond to cyber threats across hybrid cloud environments.

Open Source Threat Intelligence Collector with plugin-oriented framework.

Get insights into the latest cybersecurity trends and expert advice on enhancing organizational security.

ThreatMiner is a threat intelligence portal that aggregates data from various sources and provides contextual information related to indicators of compromise (IOCs).

A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.

An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.