corelight/zeek-long-connections external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

corelight/zeek-long-connections

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/corelight/zeek-long-connections)

Close

corelight / zeek-long-connectionsView on GitHubMore

• External links
• Readme badge

Zeek package for tracking long connections to report them before they have completed.

☆31Nov 25, 2025Updated 4 months ago

Alternatives and similar repositories for zeek-long-connections

Users that are interested in zeek-long-connections are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• corelight / conn-burst

  View on GitHub
  A Bro package to identify connections that are bursting (lots of data and transferring quickly).
  ☆13Oct 15, 2020Updated 5 years ago
• corelight / top-dns

  View on GitHub
  Top DNS Measurement for Bro
  ☆10Aug 22, 2020Updated 5 years ago
• corelight / detect-ransomware-filenames

  View on GitHub
  ☆18Dec 20, 2024Updated last year
• jbaggs / anomalous-dns

  View on GitHub
  A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.
  ☆35Jan 4, 2025Updated last year
• corelight / log-add-http-post-bodies

  View on GitHub
  Add POST body excerpt to Bro's HTTP log
  ☆14Dec 10, 2025Updated 3 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• precurse / zeek-httpattacks

  View on GitHub
  This module detects HTTP requests that are non RFC compliant and used for smuggling
  ☆12Mar 16, 2023Updated 3 years ago
• ncsa / bro-simple-scan

  View on GitHub
  ☆14Jan 14, 2026Updated 2 months ago
• MITRECND / bro-http2

  View on GitHub
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Jun 11, 2024Updated last year
• 0xl3x1 / zeek-EternalSafety

  View on GitHub
  Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.
  ☆19Aug 21, 2025Updated 7 months ago
• cybera / zeek-sniffpass

  View on GitHub
  Sniffpass will alert on cleartext passwords discovered in HTTP POST requests
  ☆17Oct 30, 2023Updated 2 years ago
• CriticalPathSecurity / zeek-scripts

  View on GitHub
  Bro Detection Scripts
  ☆10Mar 9, 2021Updated 5 years ago
• zeek / zeek-af_packet-plugin

  View on GitHub
  Plugin providing native AF_Packet support for Zeek.
  ☆33Oct 22, 2025Updated 5 months ago
• salesforce / multithreaded-exfil-detection

  View on GitHub
  A simple way of detecting multithreaded exfiltration in Zeek.
  ☆15May 1, 2025Updated 10 months ago
• zeek / broker

  View on GitHub
  Zeek's Messaging Library
  ☆69Mar 22, 2026Updated last week
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• binorassocies / brostash

  View on GitHub
  brostash: Linux distribution based on Debian and focusing on network security events collection
  ☆33Aug 30, 2020Updated 5 years ago
• micrictor / spl-spt

  View on GitHub
  Zeek plugin to generate data on per-packet sizes and intervals
  ☆14Apr 21, 2020Updated 5 years ago
• corelight / zeek-community-id

  View on GitHub
  Zeek support for Community ID flow hashing.
  ☆36Jul 11, 2023Updated 2 years ago
• corelight / json-streaming-logs

  View on GitHub
  Zeek package to create JSON formatted logs to stream into data analysis systems.
  ☆30Dec 3, 2025Updated 3 months ago
• theparanoids / rdfp

  View on GitHub
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆40Jun 20, 2023Updated 2 years ago
• advanced-threat-research / Ripple-20-Detection-Logic

  View on GitHub
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆12May 28, 2021Updated 4 years ago
• initconf / scan-NG

  View on GitHub
  scan-detection policies for bro
  ☆16Jan 16, 2025Updated last year
• ventz / docker-cif

  View on GitHub
  CIFv3 Ubuntu 16.04 Docker Container (Bearded Avenger)
  ☆12Apr 18, 2018Updated 7 years ago
• tenzir / dockerized-zeek

  View on GitHub
  Dockerized Zeek
  ☆12Mar 9, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• dgunter / ParseZeekLogs

  View on GitHub
  Utility for parsing Bro log files into CSV or JSON format
  ☆41Jan 12, 2023Updated 3 years ago
• tenzir / zeek-tenzir

  View on GitHub
  Enables Zeek to communicate with Tenzir
  ☆11Jul 20, 2023Updated 2 years ago
• jsiwek / bro_vetting

  View on GitHub
  Bro scripts to monitor for new hosts within a subnet range that aren't whitelisted/vetted.
  ☆13Jun 28, 2013Updated 12 years ago
• corelight / zerologon

  View on GitHub
  Zeek package to detect Zerologon
  ☆11Nov 10, 2021Updated 4 years ago
• J-Gras / intel-extensions

  View on GitHub
  Extensions for Zeek's Intelligence Framework.
  ☆11Mar 1, 2022Updated 4 years ago
• grigorescu / binpac_quickstart

  View on GitHub
  ☆21Oct 16, 2021Updated 4 years ago
• spitfire55 / MegaDev

  View on GitHub
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Oct 31, 2018Updated 7 years ago
• tylabs / dovehawk

  View on GitHub
  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
  ☆122Jul 12, 2021Updated 4 years ago
• nturley3 / zeek-kerberos-haters-guide

  View on GitHub
  Kerberos Haters Guide to Zeek Threat Hunting
  ☆35Oct 14, 2021Updated 4 years ago
• NordVPN Threat Protection Pro™ • Ad
  Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
• irtimmer / bro-xdp_packet-plugin

  View on GitHub
  Plugin providing AF_XDP support for Bro.
  ☆14May 10, 2021Updated 4 years ago
• corelight / json-tcp-lb

  View on GitHub
  line based tcp load balancing proxy.
  ☆14Jun 18, 2024Updated last year
• corelight / zeek-cheatsheets

  View on GitHub
  Zeek Log Cheatsheets
  ☆304Aug 12, 2025Updated 7 months ago
• JustinAzoff / can-i-use-afpacket-fanout

  View on GitHub
  Validate if afpacket PACKET_FANOUT_HASH is working properly
  ☆25May 19, 2022Updated 3 years ago
• salesforce / bro-sysmon

  View on GitHub
  How to Zeek Sysmon Logs!
  ☆103Feb 12, 2022Updated 4 years ago
• corelight / threat-hunting-guide

  View on GitHub
  ☆58Mar 4, 2022Updated 4 years ago
• zeek / zeekctl

  View on GitHub
  Tool for managing Zeek deployments.
  ☆60Mar 12, 2026Updated 2 weeks ago