JustinAzoff / zeek-pdns
Passive DNS collection using Zeek
☆182Updated last year
Alternatives and similar repositories for zeek-pdns:
Users that are interested in zeek-pdns are comparing it to the libraries listed below
- passivedns-client provides a library and a query tool for querying several passive DNS providers☆200Updated 3 years ago
- Vulnerability Data in ES☆146Updated 7 years ago
- Bro scripts to be shared with the community☆109Updated 12 years ago
- Honeynet Project generic authenticated datafeed protocol☆214Updated last year
- Web service for scanning pcaps with snort☆109Updated 6 years ago
- Extract files from network traffic with Zeek.☆101Updated 5 years ago
- Python abstract API for PassiveTotal services in the form of libraries and command line utilities.☆85Updated last year
- Passive DNS V2☆61Updated 11 years ago
- Rule sets for Sagan☆103Updated 4 years ago
- Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers☆71Updated 8 years ago
- QRadio ~ Best Threat Intelligence Radio ~ Tune In!☆96Updated 8 years ago
- Core elements of the Modern Honey Network implemented in Docker☆34Updated 3 years ago
- Threat Analysis, Reconnaissance, and Data Intelligence System☆125Updated 9 years ago
- ☆75Updated 3 years ago
- How to Zeek Sysmon Logs!☆101Updated 3 years ago
- Scripts for Bro IDS and ELK Stack☆56Updated 9 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- Ready to run scripts for network analysis☆88Updated last month
- Malware Sinkhole List in various formats☆103Updated 2 years ago
- Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.☆81Updated last month
- Bro IDS programs collection.☆145Updated 5 years ago
- ☆35Updated last year
- Various Bro scripts☆96Updated 8 years ago
- TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…☆150Updated 11 months ago
- Internet data acquisition☆149Updated 4 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- YALIH (Yet Another Low Interaction Honeyclient) is a low Interaction Client honeypot designed to detect malicious websites through signat…☆68Updated 5 years ago
- DNSDB query scripts☆75Updated 5 years ago
- Honeypot deployment made easy☆235Updated 6 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆113Updated 6 years ago