This script scans the files extracted by Zeek with YARA rules located in the rules folder on a Linux-based Zeek sensor. If there is a match, it sends email alerts to the email address specified in the mailTo parameter in the yaraAlert.conf file. The alert includes network context of the file transfer and attaches the suspicious file if it is less tha…
☆62 · Dec 16, 2023 · Updated 2 years ago
Alternatives and similar repositories for yaraZeekAlert
Users that are interested in yaraZeekAlert are comparing it to the libraries listed below.
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team. ☆12 · Mar 27, 2019 · Updated 7 years ago
- ☆98 · Oct 7, 2020 · Updated 5 years ago
- Automatically create YARA rules from malicious documents. ☆211 · May 16, 2022 · Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆40 · Aug 18, 2022 · Updated 3 years ago
- ☆23 · Dec 15, 2022 · Updated 3 years ago
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox ☆44 · Jun 6, 2019 · Updated 7 years ago
- Yet another rule generator for Yara ☆29 · Jun 6, 2025 · Updated last year
- Extract files from network traffic with Zeek. ☆102 · Mar 17, 2020 · Updated 6 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration ☆46 · Oct 31, 2018 · Updated 7 years ago
- Random hunting oriented yara rules ☆96 · Mar 27, 2023 · Updated 3 years ago
- ASERT shared scripts for reversing ☆32 · Feb 5, 2018 · Updated 8 years ago
- Automatic Yara Rule Generation ☆332 · Feb 2, 2016 · Updated 10 years ago
- A simple way of detecting multithreaded exfiltration in Zeek. ☆15 · May 1, 2025 · Updated last year
- Various Yara signatures (possibly to be included in a release later). ☆87 · May 23, 2019 · Updated 7 years ago
- Tornado Demo Vulnerable Application to test SQL injection vulnerability and patch it using RASP (Runtime Application Self-Protection) ☆11 · Nov 15, 2017 · Updated 8 years ago
- Collection of YARA signatures from individual research ☆44 · Nov 20, 2023 · Updated 2 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer ☆30 · Jun 11, 2024 · Updated 2 years ago
- Ripple20 Critical Vulnerabilities - Detection Logic and Signatures ☆12 · May 28, 2021 · Updated 5 years ago
- Misc malware stuff ☆11 · Sep 30, 2020 · Updated 5 years ago
- Helm charts for deploying Malcolm ☆16 · Jun 3, 2026 · Updated last week
- Sentinel Guard - Use to build up Honeypot and Honeynet with ZERO cost easily and simply. ☆18 · Jul 25, 2021 · Updated 4 years ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark ☆455 · Jun 1, 2026 · Updated last week
- Zeek package for tracking long connections to report them before they have completed. ☆31 · Nov 25, 2025 · Updated 6 months ago
- ☆19 · Sep 21, 2020 · Updated 5 years ago
- Malware/IOC ingestion and processing engine