CriticalPathSecurity/zeek-scripts external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

CriticalPathSecurity/zeek-scripts

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/CriticalPathSecurity/zeek-scripts)

Close

CriticalPathSecurity / zeek-scriptsView on GitHubMore

• External links
• Readme badge

Bro Detection Scripts

☆10Mar 9, 2021Updated 5 years ago

Alternatives and similar repositories for zeek-scripts

Users that are interested in zeek-scripts are comparing it to the libraries listed below

• tenzir / zeek-tenzir

  View on GitHub
  Enables Zeek to communicate with Tenzir
  ☆11Jul 20, 2023Updated 2 years ago
• corelight / top-dns

  View on GitHub
  Top DNS Measurement for Bro
  ☆10Aug 22, 2020Updated 5 years ago
• advanced-threat-research / Ripple-20-Detection-Logic

  View on GitHub
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆12May 28, 2021Updated 4 years ago
• corelight / json-streaming-logs

  View on GitHub
  Zeek package to create JSON formatted logs to stream into data analysis systems.
  ☆30Dec 3, 2025Updated 3 months ago
• corelight / detect-ransomware-filenames

  View on GitHub
  ☆18Dec 20, 2024Updated last year
• J-Gras / intel-extensions

  View on GitHub
  Extensions for Zeek's Intelligence Framework.
  ☆11Mar 1, 2022Updated 4 years ago
• corelight / log-add-http-post-bodies

  View on GitHub
  Add POST body excerpt to Bro's HTTP log
  ☆14Dec 10, 2025Updated 3 months ago
• initconf / scan-NG

  View on GitHub
  scan-detection policies for bro
  ☆16Jan 16, 2025Updated last year
• corelight / zeek-long-connections

  View on GitHub
  Zeek package for tracking long connections to report them before they have completed.
  ☆31Nov 25, 2025Updated 3 months ago
• 0sm0s1z / wopr

  View on GitHub
  ☆11Aug 19, 2017Updated 8 years ago
• fatemabw / bro-scripts

  View on GitHub
  ☆16Feb 13, 2020Updated 6 years ago
• MITRECND / bro-http2

  View on GitHub
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Jun 11, 2024Updated last year
• ncsa / bro-doctor

  View on GitHub
  ☆24Mar 29, 2020Updated 5 years ago
• mixmodeai / bro_intel_linter

  View on GitHub
  Bro Intel Feed Linter
  ☆26Aug 30, 2019Updated 6 years ago
• jiansiting / ripple20-poc

  View on GitHub
  Treck Network Stack Discovery Tool by JSOF
  ☆34Jun 30, 2020Updated 5 years ago
• PDXBek / Misinformation

  View on GitHub
  Word lists for analyzing media reporting
  ☆23Apr 11, 2018Updated 7 years ago
• cisagov / sensitive-data-scanner

  View on GitHub
  A tool for detecting sensitive data in code repositories
  ☆18Feb 25, 2026Updated 3 weeks ago
• LubyRuffy / FingerPrinting-Ripple20

  View on GitHub
  Treck Network Stack Discovery Tool [Ripple20]
  ☆12Jul 1, 2020Updated 5 years ago
• spitfire55 / MegaDev

  View on GitHub
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Oct 31, 2018Updated 7 years ago
• alex-harvey-z3q / elk

  View on GitHub
  ELK roles & profiles with Puppet
  ☆14Feb 28, 2020Updated 6 years ago
• corelight / threat-hunting-guide

  View on GitHub
  ☆58Mar 4, 2022Updated 4 years ago
• lukasz-lobocki / step-badger

  View on GitHub
  Exporting data out of the badger database of step-ca.
  ☆30Dec 30, 2025Updated 2 months ago
• jsiwek / bro_vetting

  View on GitHub
  Bro scripts to monitor for new hosts within a subnet range that aren't whitelisted/vetted.
  ☆13Jun 28, 2013Updated 12 years ago
• CTF-Organizers / Wiki

  View on GitHub
  A Centralized Wiki for CTF Organization
  ☆10Sep 22, 2021Updated 4 years ago
• ventz / docker-cif

  View on GitHub
  CIFv3 Ubuntu 16.04 Docker Container (Bearded Avenger)
  ☆12Apr 18, 2018Updated 7 years ago
• JustinAzoff / zeek-clickhouse

  View on GitHub
  ☆13Aug 13, 2021Updated 4 years ago
• fbb-git / stealth

  View on GitHub
  Stealth is a File Integrity scanner performing its work in a stealthy way.
  ☆12Jun 25, 2018Updated 7 years ago
• zeek / package-manager

  View on GitHub
  A package manager for Zeek
  ☆47Mar 5, 2026Updated 2 weeks ago
• mixmodeai / bro_amqp_plugin

  View on GitHub
  PacketSled's Bro AMQP Writer Plugin
  ☆11Aug 5, 2016Updated 9 years ago
• juju4 / ansible-zeek

  View on GitHub
  setup zeek, previously Bro IDS
  ☆18Feb 5, 2026Updated last month
• ndejong / pfsense_fauxapi_client_python

  View on GitHub
  Python client for pfSense-FauxAPI
  ☆13Jan 12, 2026Updated 2 months ago
• sslab-gatech / ucognito

  View on GitHub
  ☆12Nov 2, 2015Updated 10 years ago
• davide97l / Log-Analysis-for-Anomaly-Detection

  View on GitHub
  Full pipeline for log analysis and anomaly detection.
  ☆18Feb 11, 2020Updated 6 years ago
• abhn / S3Scan

  View on GitHub
  Script to spider a website and find publicly open S3 buckets
  ☆29Oct 1, 2020Updated 5 years ago
• ZetaTwo / binja-experiments

  View on GitHub
  Experiments, snippets and other things related to Binary Ninja
  ☆17Oct 22, 2024Updated last year
• alexivkin / containerpwn

  View on GitHub
  Container security resources
  ☆10Nov 14, 2020Updated 5 years ago
• vmware-archive / pytest-salt

  View on GitHub
  PyTest Salt Plugin
  ☆13Jan 27, 2020Updated 6 years ago
• precurse / zeek-httpattacks

  View on GitHub
  This module detects HTTP requests that are non RFC compliant and used for smuggling
  ☆12Mar 16, 2023Updated 3 years ago
• skinnyrad / Mr-Radar

  View on GitHub
  Mr. Radar is a port security evading, discovery device used to detect network switches connected to lone network ports.
  ☆12Feb 13, 2023Updated 3 years ago