Zeek Log Cheatsheets
☆304Aug 12, 2025Updated 8 months ago
Alternatives and similar repositories for zeek-cheatsheets
Users that are interested in zeek-cheatsheets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆58Mar 4, 2022Updated 4 years ago
- Zeek package for tracking long connections to report them before they have completed.☆31Nov 25, 2025Updated 4 months ago
- A package manager for Zeek☆47Mar 5, 2026Updated last month
- A Bro package to identify connections that are bursting (lots of data and transferring quickly).☆13Oct 15, 2020Updated 5 years ago
- Enables Zeek to communicate with Tenzir☆11Jul 20, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Zeek support for Community ID flow hashing.☆36Jul 11, 2023Updated 2 years ago
- Collection of walkthroughs on various threat hunting techniques☆77Aug 3, 2020Updated 5 years ago
- Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark☆455Mar 19, 2026Updated last month
- ☆16Feb 13, 2020Updated 6 years ago
- Add POST body excerpt to Bro's HTTP log☆14Dec 10, 2025Updated 4 months ago
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆32Jun 29, 2022Updated 3 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Jun 15, 2021Updated 4 years ago
- line based tcp load balancing proxy.☆14Jun 18, 2024Updated last year
- scan-detection policies for bro☆16Jan 16, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Windows Events Attack Samples☆2,549Jan 24, 2023Updated 3 years ago
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.☆143Updated this week
- ☆24Mar 29, 2020Updated 6 years ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆194Sep 23, 2024Updated last year
- A set of Zeek scripts to detect ATT&CK techniques.☆622Jun 26, 2024Updated last year
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,513Jan 12, 2026Updated 3 months ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,534Jan 12, 2026Updated 3 months ago
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox☆44Jun 6, 2019Updated 6 years ago
- CyCAT.org taxonomies☆15May 22, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A repository of sysmon configuration modules☆3,016Aug 21, 2024Updated last year
- A homebrewed cyber threat intelligence solution☆20Nov 20, 2012Updated 13 years ago
- Create a MS Word index file from PowerPoint notes and slides☆46Sep 6, 2025Updated 7 months ago
- E-Mail Header Analyzer☆696Apr 11, 2023Updated 3 years ago
- Detect Phishing with Bro IDS☆18Feb 1, 2017Updated 9 years ago
- How to Zeek Sysmon Logs!☆103Feb 12, 2022Updated 4 years ago
- Snort_rules detection bad actors.☆29Aug 18, 2024Updated last year
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,156Oct 19, 2025Updated 6 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆39Aug 18, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Bro/Zeek integration with osquery☆94Nov 2, 2020Updated 5 years ago
- Main Sigma Rule Repository☆10,309Apr 1, 2026Updated 2 weeks ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Oct 31, 2018Updated 7 years ago
- Re-play Security Events☆1,734Mar 20, 2024Updated 2 years ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆2,390Updated this week
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆572Dec 12, 2021Updated 4 years ago
- Detect Tactics, Techniques & Combat Threats☆2,280Jan 21, 2026Updated 2 months ago