{"id":13383174,"url":"https://github.com/inquest/threatkb","last_synced_at":"2026-01-17T09:43:08.984Z","repository":{"id":23184948,"uuid":"98370220","full_name":"InQuest/ThreatKB","owner":"InQuest","description":"Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)","archived":false,"fork":false,"pushed_at":"2025-01-16T04:54:19.000Z","size":30121,"stargazers_count":97,"open_issues_count":42,"forks_count":17,"subscribers_count":18,"default_branch":"master","last_synced_at":"2025-01-16T05:32:17.779Z","etag":null,"topics":["malware-research","yara","yara-manager","yara-rules","yara-signatures"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/InQuest.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-07-26T02:30:20.000Z","updated_at":"2025-01-08T03:23:05.000Z","dependencies_parsed_at":"2023-01-14T01:00:39.559Z","dependency_job_id":"75fa191a-bd20-45bb-81b6-d11d6d90f205","html_url":"https://github.com/InQuest/ThreatKB","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/InQuest%2FThreatKB","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/InQuest%2FThreatKB/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/InQuest%2FThreatKB/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/InQuest%2FThreatKB/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/InQuest","download_url":"https://codeload.github.com/InQuest/ThreatKB/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243377556,"owners_count":20281251,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["malware-research","yara","yara-manager","yara-rules","yara-signatures"],"created_at":"2024-07-30T10:01:12.339Z","updated_at":"2025-03-13T09:31:49.915Z","avatar_url":"https://github.com/InQuest.png","language":"JavaScript","funding_links":[],"categories":["\u003ca id=\"7485e724ef5efd1daf9d672bd72fb595\"\u003e\u003c/a\u003eDNS协议"],"sub_categories":["\u003ca id=\"d70a62f77fa20a2219e81fa61527e644\"\u003e\u003c/a\u003e工具"],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://raw.githubusercontent.com/InQuest/ThreatKB/rc/.github/wiki/inquest_logo.svg\" /\u003e\n\u003c/p\u003e\n\n### NOTE: THIS REPO IS IN AN ALPHA STATE\n\nThreatKB is a knowledge base workflow management dashboard for YARA rules and C2 artifacts. Rules are categorized and used to denote intent, severity, and confidence in accumulated artifacts.\n\nTo start using ThreatKB, check out our [wiki](https://github.com/InQuest/ThreatKB/wiki).\n\n---\n\nInstalling by Docker is the currently recommended way of setting up ThreatKB, directions are included as the first link in the wiki. Installation by source is included in the wiki as well.\n\n## Table of Contents\n\n* [Home](https://github.com/InQuest/ThreatKB/wiki)\n* [Setup ThreatKB](https://github.com/InQuest/ThreatKB/wiki/Setup)\n  + [Pre-requisites](https://github.com/InQuest/ThreatKB/wiki/Setup#pre-requisites)\n  + [System Prep](https://github.com/InQuest/ThreatKB/wiki/Setup#system-prep)\n  + [Application Install](https://github.com/InQuest/ThreatKB/wiki/Setup#application-install)\n* [Getting Started](https://github.com/InQuest/ThreatKB/wiki/Getting-Started)\n  + [Running ThreatKB](https://github.com/InQuest/ThreatKB/wiki/Getting-Started#running-threatkb)\n  + [Admin User Creation](https://github.com/InQuest/ThreatKB/wiki/Getting-Started#admin-user-creation)\n* [Docker Installation](https://github.com/InQuest/ThreatKB/wiki/Docker)\n* [Database Structure](https://github.com/InQuest/ThreatKB/wiki/Database-Structure)\n* [Documentation](https://github.com/InQuest/ThreatKB/wiki/Documentation)\n* [FAQ](https://github.com/InQuest/ThreatKB/wiki/Frequently-Asked-Questions)\n\n## Thank You\nThreatKB utilizes Plyara to parse YARA rules into Python dictionaries. A huge thank you to the Plyara team! Links to the project are below:\n\n- [Plyara](https://github.com/plyara/plyara) ([LICENSE](https://github.com/plyara/plyara/blob/master/LICENSE))\n\nWhen a release is created, the system first pulls all signatures that are in the release state. Then, it gathers all signatures that are in the staging state and checks their revision history for the most recently released revision that is in the release state. If it finds it, it will include it in the release. If it does not find any previously released revisions, it will skip the signature.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finquest%2Fthreatkb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Finquest%2Fthreatkb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Finquest%2Fthreatkb/lists"}