Top DNS Measurement for Bro
☆10Aug 22, 2020Updated 5 years ago
Alternatives and similar repositories for top-dns
Users that are interested in top-dns are comparing it to the libraries listed below
Sorting:
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆35Jan 4, 2025Updated last year
- Zeek package for tracking long connections to report them before they have completed.☆31Nov 25, 2025Updated 3 months ago
- Detect HTTP stalling attacks like slowloris with Bro☆19Mar 1, 2018Updated 8 years ago
- Ripple20 Critical Vulnerabilities - Detection Logic and Signatures☆12May 28, 2021Updated 4 years ago
- Bro Detection Scripts☆10Mar 9, 2021Updated 5 years ago
- ☆18Dec 20, 2024Updated last year
- Zeek support for Community ID flow hashing.☆36Jul 11, 2023Updated 2 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Oct 31, 2018Updated 7 years ago
- Sniffpass will alert on cleartext passwords discovered in HTTP POST requests☆17Oct 30, 2023Updated 2 years ago
- A Python implementation of the Community ID flow hashing standard☆23Nov 29, 2023Updated 2 years ago
- Add POST body excerpt to Bro's HTTP log☆14Dec 10, 2025Updated 3 months ago
- HTTP Protocol Stack CVE-2021-31166☆13Oct 17, 2024Updated last year
- Code for try.zeek.org.☆18Mar 13, 2026Updated last week
- Zeek network security monitor plugin that enables parsing of the BACnet standard building controls protocol☆30Apr 23, 2025Updated 10 months ago
- Treck Network Stack Discovery Tool by JSOF☆34Jun 30, 2020Updated 5 years ago
- Ransomware Detection Test PowerShell Script☆11Sep 22, 2017Updated 8 years ago
- Zeek package to create JSON formatted logs to stream into data analysis systems.☆30Dec 3, 2025Updated 3 months ago
- A tool for detecting sensitive data in code repositories☆18Feb 25, 2026Updated 3 weeks ago
- Treck Network Stack Discovery Tool [Ripple20]☆12Jul 1, 2020Updated 5 years ago
- PERCEIVE is a project incubator inspired by Apache Incubator and Stack Exchange's Area 51. It serves as a staging zone repository for the…☆13May 21, 2018Updated 7 years ago
- Snort_rules detection bad actors.☆29Aug 18, 2024Updated last year
- Plugin providing AF_XDP support for Bro.☆14May 10, 2021Updated 4 years ago
- API to access the Redis database of a BGP Ranking instance.☆17Dec 11, 2017Updated 8 years ago
- Six Degrees of Domain Admin☆15Oct 23, 2017Updated 8 years ago
- A Spicy protocol analyzer for WireGuard☆29Aug 11, 2020Updated 5 years ago
- Cheat-Sheet with events too look out for when analysing malicious Office documents☆19Oct 21, 2017Updated 8 years ago
- ELK roles & profiles with Puppet☆14Feb 28, 2020Updated 6 years ago
- zeek-scripts☆44Dec 27, 2018Updated 7 years ago
- Utility for parsing Bro log files into CSV or JSON format☆41Jan 12, 2023Updated 3 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Updated this week
- Generate network maps from packet captures☆30Sep 15, 2019Updated 6 years ago
- Mach-O file format reader, written entirely in Swift☆13May 10, 2020Updated 5 years ago
- DumpStrings programmatically extracts strings from Mach-O (macOS), ELF (Linux), and PE (Windows) binary formats by parsing their string-c…☆17Mar 14, 2026Updated last week
- An informational repo about hunting for adversaries in your IT environment.☆14Apr 10, 2017Updated 8 years ago
- setup zeek, previously Bro IDS☆18Feb 5, 2026Updated last month
- Docker deployment configuration for Astral app - a GitHub stars organizer application with Laravel and PHP.☆13May 2, 2020Updated 5 years ago
- Full pipeline for log analysis and anomaly detection.☆18Feb 11, 2020Updated 6 years ago
- PyTest Salt Plugin☆13Jan 27, 2020Updated 6 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warningslists☆14Dec 27, 2017Updated 8 years ago