JustinAzoff / zeek-pdns
Passive DNS collection using Zeek
☆181Updated last year
Alternatives and similar repositories for zeek-pdns:
Users that are interested in zeek-pdns are comparing it to the libraries listed below
- passivedns-client provides a library and a query tool for querying several passive DNS providers☆199Updated 3 years ago
- Extract files from network traffic with Zeek.☆99Updated 4 years ago
- Bro scripts to be shared with the community☆109Updated 11 years ago
- Vulnerability Data in ES☆146Updated 7 years ago
- ☆76Updated 2 years ago
- Rule sets for Sagan☆102Updated 4 years ago
- How to Zeek Sysmon Logs!☆101Updated 2 years ago
- Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.☆76Updated 2 weeks ago
- Various Bro scripts☆96Updated 8 years ago
- Honeynet Project generic authenticated datafeed protocol☆214Updated last year
- ☆35Updated last year
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- Python abstract API for PassiveTotal services in the form of libraries and command line utilities.☆85Updated last year
- DNSDB query scripts☆75Updated 4 years ago
- QRadio ~ Best Threat Intelligence Radio ~ Tune In!☆96Updated 8 years ago
- DGA Domains detection☆62Updated 6 years ago
- Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers☆72Updated 7 years ago
- Ready to run scripts for network analysis☆87Updated 4 months ago
- Scripts for Bro IDS and ELK Stack☆56Updated 9 years ago
- Honeypot repo☆47Updated 9 years ago
- Web service for scanning pcaps with snort☆108Updated 6 years ago
- Malware Sinkhole List in various formats☆102Updated 2 years ago
- Suricata Extreme Performance Tuning guide☆205Updated 6 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆112Updated 5 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆183Updated last year