Awesome Open Source
Search results for zeek
119 search results found
Zeek
⭐
5,731
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Ivre
⭐
3,167
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc.
Packetstreamer
⭐
1,851
⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐
Malcolm
⭐
1,619
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Lme
⭐
616
Logging Made Easy (LME) is a free and open logging and protective monitoring solution serving all organizations.
Tenzir
⭐
608
Open source security data pipelines.
Stratospherelinuxips
⭐
598
Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Bzar
⭐
471
A set of Zeek scripts to detect ATT&CK techniques.
Zat
⭐
414
Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
S1em
⭐
373
This project is a SIEM with SIRP and Threat Intel, all in one.
Malcolm
⭐
305
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Zeek Intelligence Feeds
⭐
287
Zeek-Formatted Threat Intelligence Feeds
Threatbus
⭐
239
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
Spicy
⭐
225
C++ parser generator for dissecting protocols & files.
Bro Gramming
⭐
147
Bro IDS programs collection.
Pcapmonkey
⭐
130
PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
Dynamite Nsm
⭐
128
DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection
Docker Bro
⭐
127
Bro IDS Dockerfile
Tht
⭐
112
Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science
Dovehawk
⭐
107
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Bro Sysmon
⭐
93
How to Zeek Sysmon Logs!
File Extraction
⭐
92
Extract files from network traffic with Zeek.
Docker Zeek
⭐
89
Zeek IDS Dockerfile
Bro Scripts
⭐
72
Gquic_protocol_analyzer
⭐
64
GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor
Brimcap
⭐
62
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
Broker
⭐
62
Zeek's Messaging Library
Zeek Agent V2
⭐
52
Open source endpoint agent providing host information to Zeek. [v2]
Zeek_anomaly_detector
⭐
51
A completely automated anomaly detector for Zeek network flow files (conn.log).
Zeek Docs
⭐
45
Documentation for Zeek
Megadev
⭐
44
Bro IDS + ELK Stack to detect and block data exfiltration
Zeek Network Security Monitor
⭐
42
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
Joe Sandbox Bro
⭐
39
JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox
Zeek Cryptomining
⭐
36
Detect cryptocurrency mining traffic with Zeek.
Cve 2020 0601
⭐
36
Zeek package to detect CVE-2020-0601
Zeek Kafka
⭐
35
A Zeek log writer plugin that publishes to Kafka.
Docker Zeek
⭐
34
Run zeek with zeekctl in docker
Hardenedlinux Zeek Scripts
⭐
33
Anomalous Dns
⭐
33
A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.
Pfsense Pkg Zeek
⭐
32
Zeek (formerly Bro) Network Security Monitor package for pfSense router/firewall
Rock Scripts
⭐
31
Bro scripts for the ROCK platform. http://rocknsm.io
Zeek Plugin S7comm
⭐
30
Zeek network security monitor plugin that enables parsing of the S7 protocol
Bindings
⭐
29
Addresses & function signatures for Geometry Dash
Ripple20
⭐
28
A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
Json Streaming Logs
⭐
27
Bro script package to create JSON formatted logs to stream into data analysis systems.
Zeek Plugin Enip
⭐
26
Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards
Zeek Long Connections
⭐
24
Zeek package for tracking long connections to report them before they have completed.
Zeek2es
⭐
23
A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for further processing!
Zeek Plugin Profinet
⭐
22
Zeek network security monitor plugin that enables parsing of the Profinet protocol
Bro.vim
⭐
22
bro.vim - A simple plugin for working with the bro scripting languages.
Zeek Plugin Tds
⭐
20
Zeek network security monitor plugin that enables parsing of the Tabular Data Stream (TDS) protocol
Smbfp
⭐
20
Zeek package to generate a SMB client fingerprint
Cve 2021 44228
⭐
18
Log4j Exploit Detection Logic for Zeek
Zeek Sublime
⭐
18
Zeek scripting language highlighting/support for Sublime Text
Aaalm
⭐
18
Generate network maps from packet captures
Gommunityid
⭐
17
Go implementation of the Community ID flow hashing standard
Zeek Eternalsafety
⭐
17
Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.
Smtp Url Analysis
⭐
16
Extracting and analyzing URLs from Emails for phishing events
Ssn Exposure
⭐
16
Detect US Social Security Numbers with Zeek
Graylog Zeek Content Pack
⭐
16
BRO/Zeek IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO/Zeek logs coming from a remote sensor.
Zeek Plugin Bacnet
⭐
16
Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol
Detect Ransomware Filenames
⭐
16
Icsnpp Enip
⭐
16
Zeek Ethernet/IP and CIP Parser - CISA ICSNPP
Bro Simple Scan
⭐
15
Clients
⭐
15
Argus clients program repo
Ansible Zeek
⭐
15
Set up Zeek, previously Bro IDS
Broworkshop
⭐
14
Materials for the BSides NoVA/Charleston 2018 Bro Workshop
Zeek Agent Framework
⭐
13
Script framework for Zeek to integrate with Zeek-Agent and OSQuery (in development)
Domain Tld
⭐
13
Zeek script library for getting the effective TLD of a domain.
Credit Card Exposure
⭐
13
Detect credit card exposures with Bro
Zeekyarascanner
⭐
13
Scan extracted files from Zeek with Yara rules and get statistical analysis for matching files. Optionally, simulate matching malicious files with Picus.
Zeek Sniffpass
⭐
12
Sniffpass will alert on cleartext passwords discovered in HTTP POST requests
Zeek Language Server
⭐
12
Language server for Zeek script
Emojifier
⭐
11
Set your logs on fire with Emoji-🔥!
Zerologon
⭐
11
Zeek package to detect Zerologon
Intel Extensions
⭐
11
Extensions for Zeek's Intelligence Framework.
Spicy Ldap
⭐
10
LDAP analyzer
Dockerized Zeek
⭐
10
Dockerized Zeek
Zeek Elf
⭐
10
A Zeek ELF File Analyzer
Corelight Ansible Roles
⭐
9
Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, Suricata and Zeek solutions.
Zcutter
⭐
9
Extracts fields from zeek logs, compatible with zeek-cut
Cp Zeek
⭐
9
Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, each running Confluent Platform and ksqlDB for use in an instructor-led workshop.
Zeek2nix
⭐
9
An operator which calls zeek to nix-ecosystem simply.
Spicy Noise
⭐
9
A Spicy protocol analyzer for WireGuard
Zeek Cluster
⭐
8
Docker based Zeek IDS worker cluster
Top Dns
⭐
8
Top DNS Measurement for Bro
Icsnpp Dnp3
⭐
8
Zeek DNP3 Extension Scripts - CISA ICSNPP
Spl Spt
⭐
8
Zeek plugin to generate data on per-packet sizes and intervals
Zeekjs
⭐
8
ZeekJS - Experimental JavaScript support for Zeek.
Bro Formula
⭐
7
A saltstack formula to install BRO network security monitor on RHEL or Debian based systems
Splunk_on_security_onion
⭐
7
Splunk configs for Security Onion
Cve 2020 16898
⭐
7
A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability)
Bro Is Darknet
⭐
7
Docker Filebeat
⭐
7
Alpine Linux based Filebeat Docker Image
Cve 2021 42292
⭐
7
A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit.
Zeek Tls Log Alternative
⭐
7
Zeek scripts that provide an alternative log file logging TLS/SSL traffic
Igmp
⭐
7
Spicy-based IGMP packet analyzer for Zeek
Icsnpp Modbus
⭐
7
Zeek Modbus Extension Scripts - CISA ICSNPP
Netflowlabeler
⭐
6
A configurable rule-based labeling tool for network flow files.
Add Json
⭐
6
Enables additional JSON-logging for Zeek.
1-100 of 119 search results
Copyright 2018-2024 Awesome Open Source. All rights reserved.