bbannier / zeek-language-server

Related projects ⓘ

Alternatives and complementary repositories for zeek-language-server

• corelight / cve-2021-44228
  Log4j Exploit Detection Logic for Zeek
  ☆19Updated 6 months ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆34Updated last year
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆68Updated 4 years ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆56Updated 3 years ago
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆258Updated last year
• jbaggs / anomalous-dns
  A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.
  ☆33Updated 6 months ago
• zeek / zeek-af_packet-plugin
  Plugin providing native AF_Packet support for Zeek.
  ☆33Updated 7 months ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆124Updated 4 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆95Updated 4 years ago
• SCILabsMX / yaraZeekAlert
  This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…
  ☆60Updated 11 months ago
• corelight / zerologon
  Zeek package to detect Zerologon
  ☆11Updated 3 years ago
• regit / suriwire
  Wireshark plugin to display Suricata analysis info
  ☆91Updated 3 years ago
• zeek / zeek-docker
  Docker files for building Zeek.
  ☆86Updated last year
• zeek / zeek-training
  Zeek Training Materials/Products
  ☆35Updated last month
• corelight / json-streaming-logs
  Bro script package to create JSON formatted logs to stream into data analysis systems.
  ☆28Updated 11 months ago
• PaloAltoNetworks / ioc-parser
  Tool to extract indicators of compromise from security reports in PDF format
  ☆72Updated 5 months ago
• digitalbond / Quickdraw-Suricata
  A set of ICS IDS rules for use with Suricata.
  ☆47Updated last year
• tylabs / dovehawk
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆121Updated 3 years ago
• NozomiNetworks / tricotools
  Triconex TriStation utilities and tools
  ☆71Updated 5 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 weeks ago
• amzn / zeek-plugin-enip
  Zeek network security monitor plugin that enables parsing of the Ethernet/IP and Common Industrial Protocol standards
  ☆45Updated 5 months ago
• zeek / zeek-aux
  Zeek Auxiliary Programs
  ☆26Updated 2 months ago
• SecurityRiskAdvisors / TALR
  Threat Alert Logic Repository
  ☆89Updated 5 years ago
• zeek / packages
  The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
  ☆130Updated this week
• zeek / spicy-analyzers
  Growing collection of Spicy-based protocol and file analyzers for Zeek
  ☆31Updated 2 months ago
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Updated 2 years ago
• amzn / zeek-plugin-bacnet
  Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol
  ☆30Updated 5 months ago
• ncsa / bro-doctor
  ☆23Updated 4 years ago
• stratosphereips / zeek_anomaly_detector
  A completely automated anomaly detector Zeek network flows files (conn.log).
  ☆74Updated 3 months ago
• secureworks / aristotle
  ☆36Updated 2 weeks ago